Open redirect vulnerability in Users/Account/LogOff in Orchard 1.0.x before 1.0.21, 1.1.x before 1.1.31, 1.2.x before 1.2.42, and 1.3.x before 1.3.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the ReturnUrl parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2013-01-12T02:00:00
Updated: 2024-08-07T00:30:46.825Z
Reserved: 2013-01-11T00:00:00
Link: CVE-2011-5252
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-01-12T04:33:48.993
Modified: 2017-08-29T01:30:46.193
Link: CVE-2011-5252
Redhat
No data.