CVE-2008-3261

EUVD-2008-3249
Open redirect vulnerability in claroline/redirector.php in Claroline before 1.8.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
Link Following
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
Affected Products (NVD)
VendorProductVersion
clarolineclaroline
𝑥
≤ 1.8.9
clarolineclaroline
1.2
clarolineclaroline
1.3
clarolineclaroline
1.4
clarolineclaroline
1.5
clarolineclaroline
1.5.3
clarolineclaroline
1.5.4
clarolineclaroline
1.6
clarolineclaroline
1.6_beta:_beta
clarolineclaroline
1.6_rc1:_rc1
clarolineclaroline
1.7
clarolineclaroline
1.7.1
clarolineclaroline
1.7.2
clarolineclaroline
1.7.3
clarolineclaroline
1.7.4
clarolineclaroline
1.7.5
clarolineclaroline
1.7.6
clarolineclaroline
1.7.7
clarolineclaroline
1.8.0
clarolineclaroline
1.8.1
clarolineclaroline
1.8.2
clarolineclaroline
1.8.3
clarolineclaroline
1.8.4
clarolineclaroline
1.8.5
clarolineclaroline
1.8.6
clarolineclaroline
1.8.7
clarolineclaroline
1.8.8
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://securityreason.com/securityalert/4020
http://sourceforge.net/project/shownotes.php?release_id=613634
http://wiki.claroline.net/index.php/Changelog_1.8.x#Modification_between_claroline_1.8.9_and_1.8.10
http://www.securityfocus.com/archive/1/494539/100/0/threaded
http://www.securityfocus.com/bid/30269
https://exchange.xforce.ibmcloud.com/vulnerabilities/43854
http://securityreason.com/securityalert/4020
http://sourceforge.net/project/shownotes.php?release_id=613634
http://wiki.claroline.net/index.php/Changelog_1.8.x#Modification_between_claroline_1.8.9_and_1.8.10
http://www.securityfocus.com/archive/1/494539/100/0/threaded
http://www.securityfocus.com/bid/30269
https://exchange.xforce.ibmcloud.com/vulnerabilities/43854