Описание
The Kiwire Captive Portal contains an open redirection issue via the login-url parameter, allowing an attacker to redirect users to an attacker controlled website.
Ссылки
- Release NotesVendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:synchroweb:kiwire:3.6:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00095
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-59
Связанные уязвимости
CVSS3: 5.4
github
4 месяца назад
The Kiwire Captive Portal contains an open redirection issue via the login-url parameter, allowing an attacker to redirect users to an attacker controlled website.
EPSS
Процентиль: 27%
0.00095
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-59