CVE-2017-12138

XOOPS Core 2.5.8 has a stored URL redirect bypass vulnerability in /modules/profile/index.php because of the URL filter.
References
Link Resource
https://github.com/XOOPS/XoopsCore25/issues/523 Third Party Advisory
http://www.securityfocus.com/bid/100091 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:xoops:xoops:2.5.8:*:*:*:*:*:*:*

Information

Published : 2017-08-01 22:29

Updated : 2017-08-04 07:50


NVD link : CVE-2017-12138

Mitre link : CVE-2017-12138


JSON object : View

CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

Advertisement

dedicated server usa

Products Affected

xoops

  • xoops