Описание
WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.6.1+dfsg-1 |
| esm-apps/xenial | not-affected | 3.6.1+dfsg-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [3.6.1+dfsg-1]] |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | not-affected | 3.6.1+dfsg-1 |
| trusty | not-affected | 3.6.1+dfsg-1 |
Показывать по
10
Ссылки на источники
7.5 High
CVSS2
Связанные уязвимости
nvd
почти 12 лет назад
WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.
debian
почти 12 лет назад
WordPress before 3.6.1 does not properly validate URLs before use in a ...
github
около 3 лет назад
WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.
7.5 High
CVSS2