[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] Re: CVE Request: phpbb open redirect
From:       cve-assign () mitre ! org
Date:       2015-05-12 18:54:25
Message-ID: 20150512185425.3140BB2E0AF () smtpvbsrv1 ! mitre ! org
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>> Security: An insufficient check allowed users of the Google Chrome browser to
>> be redirected to external domains (e.g. on login). Thanks to Mathias Karlsson
>> (avlidienbrunn)

> fixed in 3.1.4 and 3.0.14

> https://github.com/phpbb/phpbb/commit/1a3350619f428d9d69d196c52128727e27ef2f04
> https://www.phpbb.com/community/viewtopic.php?f=14&t=2313941
> https://wiki.phpbb.com/Release_Highlights/3.0.14
> https://wiki.phpbb.com/Release_Highlights/3.1.4

Use CVE-2015-3880.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJVUkv+AAoJEKllVAevmvmsJR0IAMnz1YeuIf4L9aHiUHJ7JdgK
hIafJYE/TETW2NqT86BSdZsO7T7EeZayYNxrMbIw1kiCXYDWu5T/1k38YXc5Ncgu
AYccoKUzDqoNF/IAIMuZ2DDIHQysbsroWtkf/mySqSu7PzH0NT8lUfR2QI6kjXEy
A6Qwx6biUnBMJi4vpzFYbNGSmDmQhwtQs2XfbpBr0nxBquyAUlRrn0of8GyuWcAr
2RTBnlAuOO/8gBVW1eH7DYAqPXTxTqdFpB6m744Rmw+3N2RqmVyDrTEOaqNOIHs/
m5HRCvYqmGK9m2l4kezh+8G3WynPH9o/jpLZKUpknhs28cXS+Ga55hSULh2sYyI=
=Q6m9
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]