Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-1240

Опубликовано: 15 нояб. 2024
Источник: nvd
CVSS3: 4.6
CVSS3: 6.1
CVSS3: 4.6
EPSS Низкий

Описание

An open redirection vulnerability exists in pyload/pyload version 0.5.0. The vulnerability is due to improper handling of the 'next' parameter in the login functionality. An attacker can exploit this vulnerability to redirect users to malicious sites, which can be used for phishing or other malicious activities. The issue is fixed in pyload-ng 0.5.0b3.dev79.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:pyload:pyload:0.5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 46%
0.00231
Низкий

4.6 Medium

CVSS3

6.1 Medium

CVSS3

4.6 Medium

CVSS3

Дефекты

CWE-601

Связанные уязвимости

debian логотип

CVE-2024-1240

CVSS3: 6.1
debian
около 1 года назад

An open redirection vulnerability exists in pyload/pyload version 0.5. ...

github логотип

GHSA-3mmf-29wp-jc9p

CVSS3: 4.6
github
около 1 года назад

An open redirection vulnerability exists in pyload/pyload version 0.5.0. The vulnerability is due to improper handling of the 'next' parameter in the login functionality. An attacker can exploit this vulnerability to redirect users to malicious sites, which can be used for phishing or other malicious activities. The issue is fixed in pyload-ng 0.5.0b3.dev79.

EPSS

Процентиль: 46%
0.00231
Низкий

4.6 Medium

CVSS3

6.1 Medium

CVSS3

4.6 Medium

CVSS3

Дефекты

CWE-601