Описание
A vulnerability classified as problematic has been found in TrueConf Server 4.3.7. This affects an unknown part of the file /admin/general/change-lang. The manipulation of the argument redirect_url leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Ссылки
- Permissions RequiredThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- Permissions RequiredThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
EPSS
3.5 Low
CVSS3
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
Связанные уязвимости
A vulnerability classified as problematic has been found in TrueConf Server 4.3.7. This affects an unknown part of the file /admin/general/change-lang. The manipulation of the argument redirect_url leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Уязвимость компонента /admin/general/change-lang программного обеспечения TrueConf Server, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес
EPSS
3.5 Low
CVSS3
6.1 Medium
CVSS3
5.8 Medium
CVSS2