Описание
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect if a provided URL path does not start with a forward slash.
Ссылки
- PatchVendor Advisory
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Release NotesVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- PatchVendor Advisory
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Release NotesVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
Связанные уязвимости
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect.
In WordPress before 5.2.3, validation and sanitization of a URL in wp_ ...
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect.
Уязвимость функции wp_validate_redirect системы управления содержимым сайта WordPress, связанная с переадресацией URL на ненадежный сайт, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность
EPSS
6.1 Medium
CVSS3
5.8 Medium
CVSS2