CVE-2019-1010290 Information
Description
Babel: Multilingual site Babel All is affected by: Open Redirection. The impact is: Redirection to any URL which is supplied to redirect.php in a \newurl\ parameter. The component is: redirect.php. The attack vector is: The victim must open a link created by an attacker. Attacker may use any legitimate site using Babel to redirect user to a URL of his/her choosing.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Reference
http://dev.cmsmadesimple.org/project/files/729
https://untrustednetwork.net/en/2019/02/20/open-redirection-vulnerability-in-babel/
Babel:
Multilingual
site
Babel
All
is
affected
by:
Open
Redirection.
The
impact
is:
Redirection
to
any
URL
which
is
supplied
to
redirect.php
in
a
\newurl
parameter.
The
component
is:
redirect.php.
The
attack
vector
is:
The
victim
must
open
a
link
created
by
an
attacker.
Attacker
may
use
any
legitimate
site
using
Babel
to
redirect
user
to
a
URL
of
his/her
choosing.
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
CHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
NONE
Base Severity
6.1
Share on: