Medium severity6.1NVD Advisory· Published Sep 6, 2018· Updated Jun 17, 2026
CVE-2018-1000671
CVE-2018-1000671
Description
sympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in The "referer" parameter of the wwsympa.fcgi login action. that can result in Open redirection and reflected XSS via data URIs. This attack appear to be exploitable via Victim's browser must follow a URL supplied by the attacker. This vulnerability appears to have been fixed in none available.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4- github.com/sympa-community/sympa/issues/268nvdIssue TrackingThird Party Advisory
- lists.debian.org/debian-lts-announce/2018/09/msg00023.htmlnvdMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2020/11/msg00015.htmlnvd
- usn.ubuntu.com/4442-1/nvd
News mentions
0No linked articles in our index yet.