ByteOS Network

NVD Vulnerability Details :

CVE-2008-3261

Modified

Source-cve@mitre.org

Published At-22 Jul, 2008 | 17:41

Updated At-11 Oct, 2018 | 20:47

Open redirect vulnerability in claroline/redirector.php in Claroline before 1.8.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N

Type: Primary

Version: 2.0

Base score: 4.3

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:N/I:P/A:N

CPE Matches

claroline>>claroline>>Versions up to 1.8.9(inclusive)

cpe:2.3:a:claroline:claroline:*:*:*:*:*:*:*:*

claroline>>claroline>>1.2

cpe:2.3:a:claroline:claroline:1.2:*:*:*:*:*:*:*

claroline>>claroline>>1.3

cpe:2.3:a:claroline:claroline:1.3:*:*:*:*:*:*:*

claroline>>claroline>>1.4

cpe:2.3:a:claroline:claroline:1.4:*:*:*:*:*:*:*

claroline>>claroline>>1.5

cpe:2.3:a:claroline:claroline:1.5:*:*:*:*:*:*:*

claroline>>claroline>>1.5.3

cpe:2.3:a:claroline:claroline:1.5.3:*:*:*:*:*:*:*

claroline>>claroline>>1.5.4

cpe:2.3:a:claroline:claroline:1.5.4:*:*:*:*:*:*:*

claroline>>claroline>>1.6

cpe:2.3:a:claroline:claroline:1.6:*:*:*:*:*:*:*

claroline>>claroline>>1.6_beta

cpe:2.3:a:claroline:claroline:1.6_beta:*:*:*:*:*:*:*

claroline>>claroline>>1.6_rc1

cpe:2.3:a:claroline:claroline:1.6_rc1:*:*:*:*:*:*:*

claroline>>claroline>>1.7

cpe:2.3:a:claroline:claroline:1.7:*:*:*:*:*:*:*

claroline>>claroline>>1.7.1

cpe:2.3:a:claroline:claroline:1.7.1:*:*:*:*:*:*:*

claroline>>claroline>>1.7.2

cpe:2.3:a:claroline:claroline:1.7.2:*:*:*:*:*:*:*

claroline>>claroline>>1.7.3

cpe:2.3:a:claroline:claroline:1.7.3:*:*:*:*:*:*:*

claroline>>claroline>>1.7.4

cpe:2.3:a:claroline:claroline:1.7.4:*:*:*:*:*:*:*

claroline>>claroline>>1.7.5

cpe:2.3:a:claroline:claroline:1.7.5:*:*:*:*:*:*:*

claroline>>claroline>>1.7.6

cpe:2.3:a:claroline:claroline:1.7.6:*:*:*:*:*:*:*

claroline>>claroline>>1.7.7

cpe:2.3:a:claroline:claroline:1.7.7:*:*:*:*:*:*:*

claroline>>claroline>>1.8.0

cpe:2.3:a:claroline:claroline:1.8.0:*:*:*:*:*:*:*

claroline>>claroline>>1.8.1

cpe:2.3:a:claroline:claroline:1.8.1:*:*:*:*:*:*:*

claroline>>claroline>>1.8.2

cpe:2.3:a:claroline:claroline:1.8.2:*:*:*:*:*:*:*

claroline>>claroline>>1.8.3

cpe:2.3:a:claroline:claroline:1.8.3:*:*:*:*:*:*:*

claroline>>claroline>>1.8.4

cpe:2.3:a:claroline:claroline:1.8.4:*:*:*:*:*:*:*

claroline>>claroline>>1.8.5

cpe:2.3:a:claroline:claroline:1.8.5:*:*:*:*:*:*:*

claroline>>claroline>>1.8.6

cpe:2.3:a:claroline:claroline:1.8.6:*:*:*:*:*:*:*

claroline>>claroline>>1.8.7

cpe:2.3:a:claroline:claroline:1.8.7:*:*:*:*:*:*:*

claroline>>claroline>>1.8.8

cpe:2.3:a:claroline:claroline:1.8.8:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-59	Primary	nvd@nist.gov

CWE ID: CWE-59

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://securityreason.com/securityalert/4020	cve@mitre.org	N/A
http://sourceforge.net/project/shownotes.php?release_id=613634	cve@mitre.org	N/A
http://wiki.claroline.net/index.php/Changelog_1.8.x#Modification_between_claroline_1.8.9_and_1.8.10	cve@mitre.org	N/A
http://www.securityfocus.com/archive/1/494539/100/0/threaded	cve@mitre.org	N/A
http://www.securityfocus.com/bid/30269	cve@mitre.org	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/43854	cve@mitre.org	N/A