Описание
Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, it is possible to create a URL that acts as an open redirect. The vulnerability has been patched in version 1.4.97 of the master branch.
Ссылки
- Patch
- PatchThird Party Advisory
- Patch
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.4.97 (исключая)
cpe:2.3:a:jhpyle:docassemble:*:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00157
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-601
Связанные уязвимости
EPSS
Процентиль: 37%
0.00157
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-601