Vulnerabilities > CVE-2013-4680 - Unspecified vulnerability in URS Maag Form Captcha

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
urs-maag
typo3
NVD
Published: 2013-06-25
Updated: 2017-08-29

Summary

Open redirect vulnerability in Maag Form Captcha extension 2.0.0 and earlier for TYPO3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Vulnerable Configurations

Part Description Count
Application
Urs_Maag
10
Application
Typo3
1

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 60298 CVE(CAN) ID: CVE-2013-4680 Typo3是开源内容管理系统(CMS)和内容管理框架(CMF)。 TYPO3的Maag Form Captcha 2.0.0及更早版本存在开放重定向漏洞,攻击者利用此漏洞可将用户重定向到任意网站并执行钓鱼攻击。 0 TYPO3 Maag Form Captcha <= 2.0.0 厂商补丁: TYPO3 ----- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://typo3.org/extensions/repository/
idSSV:60858
last seen2017-11-19
modified2013-06-27
published2013-06-27
reporterRoot
titleTYPO3 Maag Form Captcha开放重定向漏洞

References