CVE-2014-8870

Name of the Vulnerable Software and Affected Versions Tapatalk (com.tapatalk.wbb4) plugin versions prior to 1.1.2 for Woltlab Burning Board 4.0

Description The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the board url parameter. This can be exploited by providing a malicious URL, potentially leading to phishing attacks.

Recommendations For versions prior to 1.1.2, update to version 1.1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the welcome.php file in the mobiquo/smartbanner directory until the update is applied. Avoid using the board url parameter in the affected plugin until the issue is resolved.