CVE-2018-6200
First published: Thu Jan 25 2018(Updated: )
vBulletin 3.x.x and 4.2.x through 4.2.5 has an open redirect via the redirector.php url parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| vBulletin vBulletin | >=3.0.0<=3.8.11 | |
| vBulletin vBulletin | >=4.2.0<=4.2.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-6200?
CVE-2018-6200 is a vulnerability in vBulletin versions 3.x.x and 4.2.x through 4.2.5 that allows for an open redirect via the redirector.php URL parameter.
How does CVE-2018-6200 affect vBulletin?
CVE-2018-6200 affects vBulletin versions 3.x.x and 4.2.x through 4.2.5.
What is the severity of CVE-2018-6200?
The severity of CVE-2018-6200 is medium with a CVSS score of 6.1.
How can the CVE-2018-6200 vulnerability be exploited?
The vulnerability CVE-2018-6200 can be exploited by manipulating the redirector.php URL parameter to perform an open redirect.
Is there a fix available for CVE-2018-6200?
Yes, a fix is available for CVE-2018-6200. It is recommended to update vBulletin to a version that is not affected by this vulnerability.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/vbulletin
- canonical/vbulletin vbulletin
- version/vbulletin vbulletin/3.0.0
- version/vbulletin vbulletin/3.8.11
- version/vbulletin vbulletin/4.2.0
- version/vbulletin vbulletin/4.2.5