Medium severity6.1NVD Advisory· Published Sep 19, 2017· Updated Jun 17, 2026
CVE-2015-3880
CVE-2015-3880
Description
Open redirect vulnerability in phpBB before 3.0.14 and 3.1.x before 3.1.4 allows remote attackers to redirect users of Google Chrome to arbitrary web sites and conduct phishing attacks via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
phpbb/phpbbPackagist | < 3.0.14 | 3.0.14 |
phpbb/phpbbPackagist | >= 3.1.0, < 3.1.4 | 3.1.4 |
Affected products
24cpe:2.3:a:phpbb:phpbb:3.1.0:*:*:*:*:*:*:*+ 22 more
- cpe:2.3:a:phpbb:phpbb:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.0:a1:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.0:a2:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.0:a3:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.0:b1:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.0:b2:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.0:b3:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.0:b4:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.0:rc5:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.0:rc6:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.3:rc2:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.4:rc1:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:3.1.4:rc2:*:*:*:*:*:*
- cpe:2.3:a:phpbb:phpbb:*:rc1:*:*:*:*:*:*range: <=3.0.14
Patches
Vulnerability mechanics
References
10- www.openwall.com/lists/oss-security/2015/05/12/10nvdMailing ListPatchThird Party AdvisoryWEB
- github.com/phpbb/phpbb/commit/1a3350619f428d9d69d196c52128727e27ef2f04nvdPatchThird Party AdvisoryWEB
- www.securityfocus.com/bid/74592nvdThird Party AdvisoryVDB Entry
- github.com/advisories/GHSA-hwq7-cvp8-6hm3ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-3880ghsaADVISORY
- wiki.phpbb.com/Release_Highlights/3.0.14nvdThird Party AdvisoryWEB
- wiki.phpbb.com/Release_Highlights/3.1.4nvdThird Party AdvisoryWEB
- www.phpbb.com/community/viewtopic.phpnvdVendor AdvisoryWEB
- github.com/phpbb/phpbb/commit/c1702b8e19a69c98ef049abb4e14157e3e208ed4ghsaWEB
- web.archive.org/web/20170520103544/http://www.securityfocus.com/bid/74592ghsaWEB
News mentions
0No linked articles in our index yet.