CVE-2011-5079
Published Feb 14, 2012
Last updated 13 years ago
Overview
- Description
- Open redirect vulnerability in the Modern FAQ (irfaq) extension 1.1.2 and other versions before 1.1.4 for TYPO3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL, probably in the "return url parameter."
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5.8
- Impact score
- 4.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netcreators:irfaq:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7BEE512-8A6E-497A-A1B7-93117AD342EA",
"versionEndIncluding": "1.1.2"
},
{
"criteria": "cpe:2.3:a:netcreators:irfaq:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "600637DF-345E-43E5-8FE2-67E963A4261C"
},
{
"criteria": "cpe:2.3:a:netcreators:irfaq:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2FB8DFE0-3255-4E63-BA1A-E827FD43BF20"
},
{
"criteria": "cpe:2.3:a:netcreators:irfaq:1.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FECE0FAE-E687-4A63-9E8F-3DADB34F47A8"
},
{
"criteria": "cpe:2.3:a:netcreators:irfaq:1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE834341-54B2-46A0-B0DF-7532E4551698"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5F1C59B0-CDF2-4F9A-88C7-61E8F18590DB"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]