CVE-2023-46750

Опубликовано: 14 дек. 2023

Источник: debian

EPSS Низкий

Описание

URL Redirection to Untrusted Site ('Open Redirect') vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+.

Пакеты

Пакет	Статус	Релиз	Тип
shiro	unfixed		package
shiro	no-dsa	trixie	package
shiro	no-dsa	bookworm	package
shiro	no-dsa	bullseye	package
shiro	no-dsa	buster	package

Примечания

https://lists.apache.org/thread/hoc9zdyzmmrfj1zhctsvvtx844tcq6w9

EPSS

Процентиль: 42%

0.00201

Низкий

Связанные уязвимости

CVE-2023-46750

CVSS3: 6.1

ubuntu

около 2 лет назад

URL Redirection to Untrusted Site ('Open Redirect') vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+.

CVE-2023-46750

CVSS3: 6.1

redhat

около 2 лет назад

URL Redirection to Untrusted Site ('Open Redirect') vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+.

CVE-2023-46750

CVSS3: 6.1

nvd

около 2 лет назад

URL Redirection to Untrusted Site ('Open Redirect') vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+.

GHSA-hhw5-c326-822h

CVSS3: 6.1

github

около 2 лет назад

Open redirect in Apache Shiro

EPSS

Процентиль: 42%

0.00201

Низкий