HomeVbulletinCVE-2011-5251

CVE-2011-5251

UNKNOWN
5.8CVSS
Published: 2012-12-31
Updated: 2025-04-11
AI Analysis

Description

Open redirect vulnerability in forum/login.php in vBulletin 4.1.3 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter in a lostpw action.

CVSS Metrics

Vector
AV:N/AC:M/Au:N/C:P/I:P/A:N
Access Vector
network
Access Cmplx
medium
Auth
none
Confidentiality
partial
Integrity
partial
Availability
none
Weaknesses
CWE-20

Metadata

Primary Vendor
VBULLETIN
Published
12/31/2012
Last Modified
4/11/2025
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

vbulletin : vbulletinvbulletin : vbulletinvbulletin : vbulletinvbulletin : vbulletinvbulletin : vbulletinvbulletin : vbulletinvbulletin : vbulletinvbulletin : vbulletinvbulletin : vbulletinvbulletin : vbulletinvbulletin : vbulletinvbulletin : vbulletinvbulletin : vbulletin

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD