Описание
WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.6.1+dfsg-1 |
| esm-apps/xenial | not-affected | 3.6.1+dfsg-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [3.6.1+dfsg-1]] |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | not-affected | 3.6.1+dfsg-1 |
| trusty | not-affected | 3.6.1+dfsg-1 |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 75%
0.00882
Низкий
7.5 High
CVSS2
Связанные уязвимости
nvd
около 12 лет назад
WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.
debian
около 12 лет назад
WordPress before 3.6.1 does not properly validate URLs before use in a ...
github
больше 3 лет назад
WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.
EPSS
Процентиль: 75%
0.00882
Низкий
7.5 High
CVSS2