Описание
Account Takeover in Corezoid 6.6.0 in the OAuth2 implementation via an open redirect in the redirect_uri parameter allows attackers to intercept authorization codes and gain unauthorized access to victim accounts.
EPSS
Процентиль: 21%
0.00069
Низкий
7.5 High
CVSS3
Дефекты
CWE-601
Связанные уязвимости
CVSS3: 7.5
github
4 месяца назад
Account Takeover in Corezoid 6.6.0 in the OAuth2 implementation via an open redirect in the redirect_uri parameter allows attackers to intercept authorization codes and gain unauthorized access to victim accounts.
EPSS
Процентиль: 21%
0.00069
Низкий
7.5 High
CVSS3
Дефекты
CWE-601