CVE-2019-6009

Опубликовано: 12 сент. 2019

Источник: nvd

CVSS3: 6.1

CVSS2: 5.8

EPSS Низкий

Описание

Open redirect vulnerability in SHIRASAGI v1.7.0 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Ссылки

http://jvn.jp/en/jp/JVN74699196/index.html
Third Party Advisory
https://github.com/shirasagi/shirasagi
Third Party Advisory
https://github.com/shirasagi/shirasagi/commit/6016948ea535e51b16535888af13df064a1a15d3
Patch
Third Party Advisory
https://github.com/shirasagi/shirasagi/commit/6016948ea535e51b16535888af13df064a1a15d3.patch
Patch
Third Party Advisory
https://www.ss-proj.org/
Release Notes
Vendor Advisory
http://jvn.jp/en/jp/JVN74699196/index.html
Third Party Advisory
https://github.com/shirasagi/shirasagi
Third Party Advisory
https://github.com/shirasagi/shirasagi/commit/6016948ea535e51b16535888af13df064a1a15d3
Patch
Third Party Advisory
https://github.com/shirasagi/shirasagi/commit/6016948ea535e51b16535888af13df064a1a15d3.patch
Patch
Third Party Advisory
https://www.ss-proj.org/
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ss-proj:shirasagi:*:*:*:*:*:*:*:*

Версия до 1.7.0 (включая)

EPSS

Процентиль: 54%

0.00318

Низкий

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601

Связанные уязвимости

GHSA-cj2c-3w92-rj4x