exploitDog

GHSA-q5pf-fqpw-c8jv

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple open redirect vulnerabilities in CubeCart 3.0.20 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) r parameter to switch.php or (2) goto parameter to admin/login.php.

Multiple open redirect vulnerabilities in CubeCart 3.0.20 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) r parameter to switch.php or (2) goto parameter to admin/login.php.

Ссылки

EPSS

Процентиль: 94%

0.14812

Средний

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2012-0865

nvd

почти 14 лет назад

Multiple open redirect vulnerabilities in CubeCart 3.0.20 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) r parameter to switch.php or (2) goto parameter to admin/login.php.

EPSS

Процентиль: 94%

0.14812

Средний

CVE ID

Дефекты

CWE-20