GHSA-hwq7-cvp8-6hm3

Suggest an improvement
Source
https://github.com/advisories/GHSA-hwq7-cvp8-6hm3
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-hwq7-cvp8-6hm3/GHSA-hwq7-cvp8-6hm3.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-hwq7-cvp8-6hm3
Aliases
  • CVE-2015-3880
Published
2022-05-17T00:47:44Z
Modified
2023-11-01T04:46:07.072623Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
phpBB Open Redirect
Details

Open redirect vulnerability in phpBB before 3.0.14 and 3.1.x before 3.1.4 allows remote attackers to redirect users of Google Chrome to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Database specific
{
    "nvd_published_at": "2017-09-19T15:29:00Z",
    "cwe_ids": [
        "CWE-601"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2023-08-03T21:30:11Z"
}
References

Affected packages

Packagist / phpbb/phpbb

Package

Name
phpbb/phpbb
Purl
pkg:composer/phpbb/phpbb

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.14

Affected versions

3.*

3.0.12-RC1
3.0.12-RC2
3.0.12-RC3
3.0.12
3.0.13-PL1
3.0.13-RC1
3.0.13
3.0.14-RC1

Packagist / phpbb/phpbb

Package

Name
phpbb/phpbb
Purl
pkg:composer/phpbb/phpbb

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.1.0
Fixed
3.1.4

Affected versions

3.*

3.1.0
3.1.1
3.1.2-RC1
3.1.2
3.1.3-RC1
3.1.3-RC2
3.1.3
3.1.4-RC1
3.1.4-RC2