Description
Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45071
Mailing List mailing-list
x_refsource_mlist
http://marc.info/?l=oss-security&m=122152798516853&w=2
Various Sources x_refsource_confirm
http://developer.joomla.org/security/news/274-20080904-core-redirect-spam.html
Mailing List mailing-list
x_refsource_mlist
http://marc.info/?l=oss-security&m=122115344915232&w=2
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/4275
Mailing List mailing-list
x_refsource_mlist
http://marc.info/?l=oss-security&m=122118210029084&w=2
Scores
EPSS
0.0001
EPSS Percentile
1.0%
Details
CWE
CWE-59
Status
published
Products (8)
joomla/framework
1.5.0 - 1.5.7Packagist
joomla/joomla
1.5
joomla/joomla
1.5.1
joomla/joomla
1.5.2
joomla/joomla
1.5.3
joomla/joomla
1.5.4
joomla/joomla
1.5.5
joomla/joomla
1.5.6
Published
Sep 18, 2008
Tracked Since
Feb 18, 2026