CVE-2018-1000671

NameCVE-2018-1000671
Descriptionsympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in The "referer" parameter of the wwsympa.fcgi login action. that can result in Open redirection and reflected XSS via data URIs. This attack appear to be exploitable via Victim's browser must follow a URL supplied by the attacker. This vulnerability appears to have been fixed in none available.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1512-1
NVD severitymedium (attack range: remote)
Debian Bugs908165

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
sympa (PTS)jessie6.1.23~dfsg-2+deb8u1vulnerable
jessie (security)6.1.23~dfsg-2+deb8u3fixed
stretch6.2.16~dfsg-3+deb9u2vulnerable
stretch (security)6.2.16~dfsg-3+deb9u1vulnerable
buster6.2.40~dfsg-1fixed
bullseye, sid6.2.40~dfsg-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
sympasource(unstable)6.2.36~dfsg-1medium908165
sympasourcejessie6.1.23~dfsg-2+deb8u3mediumDLA-1512-1

Notes

[stretch] - sympa <no-dsa> (Minor issue)
https://github.com/sympa-community/sympa/issues/268
https://github.com/sympa-community/sympa/commit/c6ce32a6c203070702eac45a4442a17d2bf7b0c1
https://github.com/sympa-community/sympa/commit/03314a9baf7f7903283253829877afd0ae50e325

Search for package or bug name: Reporting problems