Описание
Open redirect vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks by having a user to access a specially crafted URL.
Ссылки
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.1.1 (включая)Версия до 5.1.1 (включая)Версия до 5.1.1 (включая)
Одно из
cpe:2.3:a:groupsession:groupsession:*:*:*:*:cloud:*:*:*
cpe:2.3:a:groupsession:groupsession:*:*:*:*:free:*:*:*
cpe:2.3:a:groupsession:groupsession:*:*:*:*:zion:*:*:*
EPSS
Процентиль: 47%
0.00244
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-601
Связанные уязвимости
github
около 4 лет назад
Open redirect vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks by having a user to access a specially crafted URL.
EPSS
Процентиль: 47%
0.00244
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-601