oss-sec mailing list archives
Re: CVE Request: phpbb open redirect
From: cve-assign () mitre org
Date: Tue, 12 May 2015 14:54:25 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Security: An insufficient check allowed users of the Google Chrome browser to be redirected to external domains (e.g. on login). Thanks to Mathias Karlsson (avlidienbrunn)
fixed in 3.1.4 and 3.0.14
https://github.com/phpbb/phpbb/commit/1a3350619f428d9d69d196c52128727e27ef2f04 https://www.phpbb.com/community/viewtopic.php?f=14&t=2313941 https://wiki.phpbb.com/Release_Highlights/3.0.14 https://wiki.phpbb.com/Release_Highlights/3.1.4
Use CVE-2015-3880. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJVUkv+AAoJEKllVAevmvmsJR0IAMnz1YeuIf4L9aHiUHJ7JdgK hIafJYE/TETW2NqT86BSdZsO7T7EeZayYNxrMbIw1kiCXYDWu5T/1k38YXc5Ncgu AYccoKUzDqoNF/IAIMuZ2DDIHQysbsroWtkf/mySqSu7PzH0NT8lUfR2QI6kjXEy A6Qwx6biUnBMJi4vpzFYbNGSmDmQhwtQs2XfbpBr0nxBquyAUlRrn0of8GyuWcAr 2RTBnlAuOO/8gBVW1eH7DYAqPXTxTqdFpB6m744Rmw+3N2RqmVyDrTEOaqNOIHs/ m5HRCvYqmGK9m2l4kezh+8G3WynPH9o/jpLZKUpknhs28cXS+Ga55hSULh2sYyI= =Q6m9 -----END PGP SIGNATURE-----
Current thread:
- CVE Request: phpbb open redirect Alessandro Ghedini (May 12)
- Re: CVE Request: phpbb open redirect Hanno Böck (May 12)
- Re: CVE Request: phpbb open redirect cve-assign (May 12)