Open Redirect Vulnerability in EGroupware Products
CVE-2011-4951

Currently unrated

Key Information:

Vendor: Egroupware
Status: Egroupware
Vendor: CVE Published:; 31 August 2012

What is CVE-2011-4951?

The open redirect vulnerability in EGroupware's phpgwapi/ntlm/index.php allows attackers to exploit a flaw in URL handling, enabling them to redirect users to potentially harmful external websites. This exposure poses significant risks for users, as it can facilitate phishing attacks and lead to unauthorized access to sensitive information by tricking users into divulging their credentials. It affects both the EGroupware Enterprise Line before version 11.1.20110804-1 and the Community Edition prior to version 1.8.001.20110805, urging users to update to the latest versions to mitigate risks.

References

http://www.egroupware.org/epl-changelog

x_refsource_CONFIRM

http://www.egroupware.org/changelog

x_refsource_CONFIRM

http://www.securityfocus.com/bid/52770

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 31, 2012

Egroupware

What is CVE-2011-4951?

References

Timeline