CVE-2017-18380

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-18380

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-18380.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-18380

Published

2019-07-30T13:15:13.310Z

Modified

2026-04-10T03:59:56.002315Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

edx-platform before 2017-08-03 allows attackers to trigger password-reset e-mail messages in which the reset link has an attacker-controlled domain name.

References

Affected packages

Git / github.com/edx/edx-platform

Affected ranges

Type

GIT

Repo

https://github.com/edx/edx-platform

Events

Introduced

Fixed

78708e41e926d7d3bb18aa6a81edff1c22d609d7

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2017-08-03"
        }
    ]
}

Affected versions

Other

release-2016-12-14

release-2016-12-20

release-2017-01-04

release-2017-01-05

release-2017-01-10

release-2017-01-12

release-2017-01-18

release-2017-01-19

release-2017-01-20

release-2017-01-23

release-2017-01-25

release-2017-01-24-11.*

release-2017-01-24-11.34

release-2017-01-24-13.*

release-2017-01-24-13.56

release-2017-01-24-14.*

release-2017-01-24-14.03

release-2017-01-24-14.42

release-2017-01-24-16.*

release-2017-01-24-16.28

release-2017-01-24-16.53

release-2017-01-26-11.*

release-2017-01-26-11.01

release-2017-01-27-10.*

release-2017-01-27-10.25

release-2017-01-30-11.*

release-2017-01-30-11.59

release-2017-01-31-10.*

release-2017-01-31-10.55

release-2017-02-02-10.*

release-2017-02-02-10.47

release-2017-02-03-10.*

release-2017-02-03-10.45

release-2017-02-06-10.*

release-2017-02-06-10.01

release-2017-02-07-10.*

release-2017-02-07-10.46

release-2017-02-08-12.*

release-2017-02-08-12.19

release-2017-02-10-11.*

release-2017-02-10-11.52

release-2017-02-15-12.*

release-2017-02-15-12.20

release-2017-02-15-13.*

release-2017-02-15-13.29

release-2017-02-16-10.*

release-2017-02-16-10.22

release-2017-02-16-12.*

release-2017-02-16-12.24

release-2017-02-24-11.*

release-2017-02-24-11.41

release-2017-02-27-10.*

release-2017-02-27-10.28

release-2017-02-28-10.*

release-2017-02-28-10.53

release-2017-03-02-10.*

release-2017-03-02-10.54

release-2017-03-03-10.*

release-2017-03-03-10.27

release-2017-03-06-10.*

release-2017-03-06-10.08

release-2017-03-08-10.*

release-2017-03-08-10.55

release-2017-03-09-14.*

release-2017-03-09-14.39

release-2017-03-09-14.55

release-2017-03-09-15.*

release-2017-03-09-15.41

release-2017-03-10-10.*

release-2017-03-10-10.52

release-2017-03-13-10.*

release-2017-03-13-10.55

release-2017-03-16-10.*

release-2017-03-16-10.15

release-2017-03-17-10.*

release-2017-03-17-10.23

release-2017-03-20-10.*

release-2017-03-20-10.15

release-2017-03-24-10.*

release-2017-03-24-10.31

release-2017-03-27-11.*

release-2017-03-27-11.36

release-2017-03-27-14.*

release-2017-03-27-14.50

release-2017-03-28-10.*

release-2017-03-28-10.35

release-2017-03-29-10.*

release-2017-03-29-10.46

release-2017-03-30-10.*

release-2017-03-30-10.19

release-2017-03-31-10.*

release-2017-03-31-10.31

release-2017-04-04-16.*

release-2017-04-04-16.57

release-2017-04-06-10.*

release-2017-04-06-10.13

release-2017-04-07-10.*

release-2017-04-07-10.37

release-2017-04-11-09.*

release-2017-04-11-09.47

release-2017-04-12-10.*

release-2017-04-12-10.02

release-2017-04-13-13.*

release-2017-04-13-13.13

release-2017-04-14-10.*

release-2017-04-14-10.45

release-2017-04-18-10.*

release-2017-04-18-10.48

release-2017-04-19-11.*

release-2017-04-19-11.07

release-2017-04-20-11.*

release-2017-04-20-11.19

release-2017-04-26-10.*

release-2017-04-26-10.55

release-2017-04-27-13.*

release-2017-04-27-13.54

release-2017-05-01-12.*

release-2017-05-01-12.06

release-2017-05-02-10.*

release-2017-05-02-10.39

release-2017-05-03-11.*

release-2017-05-03-11.26

release-2017-05-04-10.*

release-2017-05-04-10.04

release-2017-05-05-10.*

release-2017-05-05-10.55

release-2017-05-08-11.*

release-2017-05-08-11.05

release-2017-05-08-13.*

release-2017-05-08-13.55

release-2017-05-09-10.*

release-2017-05-09-10.12

release-2017-05-12-09.*

release-2017-05-12-09.54

release-2017-05-16-15.*

release-2017-05-16-15.56

release-2017-05-17-12.*

release-2017-05-17-12.16

release-2017-05-19-12.*

release-2017-05-19-12.18

release-2017-05-23-10.*

release-2017-05-23-10.10

release-2017-05-24-11.*

release-2017-05-24-11.05

release-2017-05-25-10.*

release-2017-05-25-10.12

release-2017-05-30-10.*

release-2017-05-30-10.20

release-2017-05-31-11.*

release-2017-05-31-11.18

release-2017-06-01-12.*

release-2017-06-01-12.14

release-2017-06-05-10.*

release-2017-06-05-10.46

release-2017-06-07-10.*

release-2017-06-07-10.37

release-2017-06-09-10.*

release-2017-06-09-10.25

release-2017-06-13-09.*

release-2017-06-13-09.54

release-2017-06-14-10.*

release-2017-06-14-10.56

release-2017-06-14-14.*

release-2017-06-14-14.18

release-2017-06-15-10.*

release-2017-06-15-10.10

release-2017-06-16-09.*

release-2017-06-16-09.46

release-2017-06-19-11.*

release-2017-06-19-11.39

release-2017-06-20-10.*

release-2017-06-20-10.33

release-2017-06-21-12.*

release-2017-06-21-12.22

release-2017-06-22-10.*

release-2017-06-22-10.40

release-2017-06-23-13.*

release-2017-06-23-13.54

release-2017-06-26-12.*

release-2017-06-26-12.11

release-2017-06-27-09.*

release-2017-06-27-09.53

release-2017-06-28-11.*

release-2017-06-28-11.31

release-2017-06-29-10.*

release-2017-06-29-10.31

release-2017-06-30-10.*

release-2017-06-30-10.42

release-2017-06-30-14.*

release-2017-06-30-14.04

release-2017-07-05-11.*

release-2017-07-05-11.40

release-2017-07-06-10.*

release-2017-07-06-10.17

release-2017-07-10-12.*

release-2017-07-10-12.54

release-2017-07-11-11.*

release-2017-07-11-11.04

release-2017-07-13-10.*

release-2017-07-13-10.42

release-2017-07-14-10.*

release-2017-07-14-10.08

release-2017-07-18-11.*

release-2017-07-18-11.53

release-2017-07-19-11.*

release-2017-07-19-11.31

release-2017-07-20-10.*

release-2017-07-20-10.39

release-2017-07-21-10.*

release-2017-07-21-10.41

release-2017-07-24-13.*

release-2017-07-24-13.06

release-2017-07-25-11.*

release-2017-07-25-11.43

release-2017-07-25-17.*

release-2017-07-25-17.42

release-2017-07-25-20.*

release-2017-07-25-20.52

release-2017-07-25-23.*

release-2017-07-25-23.50

release-2017-07-27-09.*

release-2017-07-27-09.38

release-2017-07-28-10.*

release-2017-07-28-10.29

release-2017-07-31-13.*

release-2017-07-31-13.01

release-2017-08-01-10.*

release-2017-08-01-10.30

release-2017-08-02-10.*

release-2017-08-02-10.16

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-18380.json"