Описание
Open redirect vulnerability exists in web2py versions prior to 2.23.1. When using the tool, a web2py user may be redirected to an arbitrary website by accessing a specially crafted URL. As a result, the user may become a victim of a phishing attack.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| esm-apps/xenial | needed | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| trusty | ignored | end of standard support |
| upstream | needs-triage | |
| xenial | ignored | end of standard support |
Показывать по
10
EPSS
Процентиль: 97%
0.38217
Средний
6.1 Medium
CVSS3
Связанные уязвимости
CVSS3: 6.1
nvd
почти 3 года назад
Open redirect vulnerability exists in web2py versions prior to 2.23.1. When using the tool, a web2py user may be redirected to an arbitrary website by accessing a specially crafted URL. As a result, the user may become a victim of a phishing attack.
CVSS3: 6.1
debian
почти 3 года назад
Open redirect vulnerability exists in web2py versions prior to 2.23.1. ...
EPSS
Процентиль: 97%
0.38217
Средний
6.1 Medium
CVSS3