Описание
Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 2.12.3-1 |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-apps/xenial | not-affected | 2.12.3-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was needed |
Показывать по
EPSS
5.8 Medium
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout.
Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows ...
Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout.
EPSS
5.8 Medium
CVSS2
6.1 Medium
CVSS3