Open redirect vulnerability in redirect.php in Bitrix Site Manager 6.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the goto parameter.
References
Link | Resource |
---|---|
http://holisticinfosec.org/content/view/62/45/ | Broken Link |
https://exchange.xforce.ibmcloud.com/vulnerabilities/42157 | Third Party Advisory VDB Entry |
http://holisticinfosec.org/content/view/62/45/ | Broken Link |
https://exchange.xforce.ibmcloud.com/vulnerabilities/42157 | Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 00:45
Type | Values Removed | Values Added |
---|---|---|
References | () http://holisticinfosec.org/content/view/62/45/ - Broken Link | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/42157 - Third Party Advisory, VDB Entry |
09 Feb 2024, 02:31
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-601 | |
First Time |
Bitrix24
Bitrix24 bitrix Site Manager |
|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.1 |
CPE | cpe:2.3:a:bitrix24:bitrix_site_manager:6.5:*:*:*:*:*:*:* | |
References | () http://holisticinfosec.org/content/view/62/45/ - Broken Link | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/42157 - Third Party Advisory, VDB Entry |
Information
Published : 2008-05-02 17:05
Updated : 2024-11-21 00:45
NVD link : CVE-2008-2052
Mitre link : CVE-2008-2052
CVE.ORG link : CVE-2008-2052
JSON object : View
Products Affected
bitrix24
- bitrix_site_manager
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')