CVE-2008-2052

Open redirect vulnerability in redirect.php in Bitrix Site Manager 6.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the goto parameter.
Configurations

Configuration 1 (hide)

cpe:2.3:a:bitrix24:bitrix_site_manager:6.5:*:*:*:*:*:*:*

History

21 Nov 2024, 00:45

Type Values Removed Values Added
References () http://holisticinfosec.org/content/view/62/45/ - Broken Link () http://holisticinfosec.org/content/view/62/45/ - Broken Link
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/42157 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/42157 - Third Party Advisory, VDB Entry

09 Feb 2024, 02:31

Type Values Removed Values Added
CWE CWE-59 CWE-601
First Time Bitrix24
Bitrix24 bitrix Site Manager
CVSS v2 : 4.3
v3 : unknown
v2 : 4.3
v3 : 6.1
CPE cpe:2.3:a:bitrix:bitrix_site_manager:6.5:*:*:*:*:*:*:* cpe:2.3:a:bitrix24:bitrix_site_manager:6.5:*:*:*:*:*:*:*
References () http://holisticinfosec.org/content/view/62/45/ - () http://holisticinfosec.org/content/view/62/45/ - Broken Link
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/42157 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/42157 - Third Party Advisory, VDB Entry

Information

Published : 2008-05-02 17:05

Updated : 2024-11-21 00:45


NVD link : CVE-2008-2052

Mitre link : CVE-2008-2052

CVE.ORG link : CVE-2008-2052


JSON object : View

Products Affected

bitrix24

  • bitrix_site_manager
CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')