Open Redirect Vulnerability in vBulletin Products by vBulletin Solutions
CVE-2018-6200

6.1MEDIUM

Key Information:

Vendor: Vbulletin
Status: Vbulletin
Vendor: CVE Published:; 3 October 2022

What is CVE-2018-6200?

The vBulletin software, specifically versions 3.x.x and 4.2.x up to 4.2.5, is affected by a security issue that allows an open redirect through the redirector.php URL parameter. This vulnerability can potentially be exploited to redirect users to malicious sites, jeopardizing user safety and data integrity. Organizations using these versions of vBulletin should evaluate their systems and implement necessary measures to ensure security against unauthorized redirects.

References

https://cxsecurity.com/issue/WLB-2018010251

x_refsource_MISC

EPSS Score

18% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 3, 2022
Vulnerability Reserved
Oct 3, 2022

Vbulletin

What is CVE-2018-6200?

References

EPSS Score

CVSS V3.1

Timeline