Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2011-4553

Опубликовано: 06 дек. 2011
Источник: nvd
CVSS2: 5.8
EPSS Низкий

Описание

Multiple open redirect vulnerabilities in One Click Orgs before 1.2.3 allow (1) remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the return_to parameter, and allow (2) remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via crafted characters in the domain name of a subdomain.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:oneclickorgs:one_click_orgs:*:*:*:*:*:*:*:*
Версия до 1.2.2 (включая)
cpe:2.3:a:oneclickorgs:one_click_orgs:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oneclickorgs:one_click_orgs:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oneclickorgs:one_click_orgs:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oneclickorgs:one_click_orgs:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oneclickorgs:one_click_orgs:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oneclickorgs:one_click_orgs:1.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 45%
0.00224
Низкий

5.8 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

github логотип

GHSA-4cc4-gwfx-gr3r

github
больше 3 лет назад

Multiple open redirect vulnerabilities in One Click Orgs before 1.2.3 allow (1) remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the return_to parameter, and allow (2) remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via crafted characters in the domain name of a subdomain.

EPSS

Процентиль: 45%
0.00224
Низкий

5.8 Medium

CVSS2

Дефекты

CWE-20