CVE DATABASE / CVE-2008-2052
CVE-2008-2052
CVSS 6.1 · MEDIUM
Summary
Open redirect vulnerability in redirect.php in Bitrix Site Manager 6.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the goto parameter.
CVSS 3.1 breakdown
| Base score | 6.1 (MEDIUM) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality | LOW |
| Integrity | LOW |
| Availability | NONE |
Weakness type (CWE)
Affected products
Bitrix24 bitrix site manager
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://holisticinfosec.org/content/view/62/45/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42157
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.