exploitDog

CVE-2023-6552

Опубликовано: 08 янв. 2024

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Lack of "current" GET parameter validation during the action of changing a language leads to an open redirect vulnerability.

Ссылки

https://cert.pl/en/posts/2024/01/CVE-2023-6552/
Third Party Advisory
https://cert.pl/posts/2024/01/CVE-2023-6552/
Third Party Advisory
https://github.com/TasmoAdmin/TasmoAdmin/pull/1039
Patch
https://cert.pl/en/posts/2024/01/CVE-2023-6552/
Third Party Advisory
https://cert.pl/posts/2024/01/CVE-2023-6552/
Third Party Advisory
https://github.com/TasmoAdmin/TasmoAdmin/pull/1039
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:tasmoadmin:tasmoadmin:*:*:*:*:*:*:*:*

Версия до 3.3.0 (исключая)

EPSS

Процентиль: 45%

0.00229

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-601

CWE-601

Связанные уязвимости

GHSA-ph8w-v57g-j3g7

CVSS3: 6.1

github

около 2 лет назад

Lack of "current" GET parameter validation during the action of changing a language leads to an open redirect vulnerability.

EPSS

Процентиль: 45%

0.00229

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-601

CWE-601