Description

Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the xoops_redirect parameter.

Remediation

References

CVE-2008-0613

Related Vulnerabilities

WordPress Plugin WooCommerce Save For Later Cart Enhancement PHP Object Injection (1.0.6)

b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5553)

WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (3.1.9)

PmWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4453)

WordPress Plugin WP DSGVO Tools (GDPR) Cross-Site Request Forgery (2.2.18)

Severity

Medium

Classification

CVE-2008-0613 CWE-59

Tags

Missing Update Known Vulnerabilities