Описание
Open redirect vulnerability exists in web2py versions prior to 2.23.1. When using the tool, a web2py user may be redirected to an arbitrary website by accessing a specially crafted URL. As a result, the user may become a victim of a phishing attack.
Ссылки
- Product
- Product
- Third Party Advisory
- Product
- Product
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.23.1 (исключая)
cpe:2.3:a:web2py:web2py:*:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.38217
Средний
6.1 Medium
CVSS3
Дефекты
CWE-601
CWE-601
Связанные уязвимости
CVSS3: 6.1
ubuntu
почти 3 года назад
Open redirect vulnerability exists in web2py versions prior to 2.23.1. When using the tool, a web2py user may be redirected to an arbitrary website by accessing a specially crafted URL. As a result, the user may become a victim of a phishing attack.
CVSS3: 6.1
debian
почти 3 года назад
Open redirect vulnerability exists in web2py versions prior to 2.23.1. ...
EPSS
Процентиль: 97%
0.38217
Средний
6.1 Medium
CVSS3
Дефекты
CWE-601
CWE-601