CVE-2008-2951

Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function.
Configurations

Configuration 1

cpe:2.3:a:trac:trac:0.8:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.9:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.8.3:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.10:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.6:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.5:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:*:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.9:b2:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.10.3.1:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.10.3:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.8.4:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.10.1:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.9:b1:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.10.2:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.7:*:*:*:*:*:*:*
cpe:2.3:a:trac:trac:0.9.2:*:*:*:*:*:*:*

Information

Published : 2008-07-27 10:41

Updated : 2017-08-08 01:31


NVD link : CVE-2008-2951

Mitre link : CVE-2008-2951

Products Affected
No products.
CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')