Описание
Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable to an open URL redirect vulnerability in the user web login function resulting in unauthorized account access.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:koozali:sme_server:8.0:*:*:*:*:*:*:*
cpe:2.3:a:koozali:sme_server:9.0:*:*:*:*:*:*:*
cpe:2.3:a:koozali:sme_server:9.2:*:*:*:*:*:*:*
cpe:2.3:a:koozali:sme_server:10.0:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.0214
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-601
Связанные уязвимости
CVSS3: 6.1
github
около 3 лет назад
Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable to an open URL redirect vulnerability in the user web login function resulting in unauthorized account access.
EPSS
Процентиль: 83%
0.0214
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-601