exploitDog

GHSA-h6q2-5rg7-wqfj

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properly check the goto parameter, leading to an open redirect that leaks the session cookie.

An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properly check the goto parameter, leading to an open redirect that leaks the session cookie.

Ссылки

EPSS

Процентиль: 70%

0.00634

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-601

Связанные уязвимости

CVE-2019-14912

CVSS3: 6.1

nvd

больше 6 лет назад

An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properly check the goto parameter, leading to an open redirect that leaks the session cookie.

EPSS

Процентиль: 70%

0.00634

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-601