exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2017-16652

около 7 лет назад

An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2.8.31, 3.2.x before 3.2.14, and 3.3.x before 3.3.13. DefaultAuthenticationSuccessHandler or DefaultAuthenticationFailureHandler takes the content of the _target_path parameter and generates a redirect response, but no check is performed on the path, which could be an absolute URL to an external domain. This Open redirect vulnerability can be exploited for example to mount effective phishing attacks.

CVSS3: 6.1

EPSS: Низкий

CVE-2017-16652

около 7 лет назад

An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2.8.31, 3.2.x before 3.2.14, and 3.3.x before 3.3.13. DefaultAuthenticationSuccessHandler or DefaultAuthenticationFailureHandler takes the content of the _target_path parameter and generates a redirect response, but no check is performed on the path, which could be an absolute URL to an external domain. This Open redirect vulnerability can be exploited for example to mount effective phishing attacks.

CVSS3: 6.1

EPSS: Низкий

CVE-2017-16652

около 7 лет назад

An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2 ...

CVSS3: 6.1

EPSS: Низкий

GHSA-r7p7-qr7p-2rrf

около 3 лет назад

Symfony Open Redirect

CVSS3: 6.1

EPSS: Низкий

BDU:2019-04112

больше 7 лет назад

Уязвимость компонентов DefaultAuthenticationSuccessHandler, DefaultAuthenticationFailureHandler программной платформы для разработки и управления веб-приложениями Symfony, позволяющая нарушителю проводить фишинг-атаки и получить доступ к защищаемой информации

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-16652 An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2.8.31, 3.2.x before 3.2.14, and 3.3.x before 3.3.13. DefaultAuthenticationSuccessHandler or DefaultAuthenticationFailureHandler takes the content of the _target_path parameter and generates a redirect response, but no check is performed on the path, which could be an absolute URL to an external domain. This Open redirect vulnerability can be exploited for example to mount effective phishing attacks.	CVSS3: 6.1	0% Низкий	около 7 лет назад
CVE-2017-16652 An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2.8.31, 3.2.x before 3.2.14, and 3.3.x before 3.3.13. DefaultAuthenticationSuccessHandler or DefaultAuthenticationFailureHandler takes the content of the _target_path parameter and generates a redirect response, but no check is performed on the path, which could be an absolute URL to an external domain. This Open redirect vulnerability can be exploited for example to mount effective phishing attacks.	CVSS3: 6.1	0% Низкий	около 7 лет назад
CVE-2017-16652 An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2 ...	CVSS3: 6.1	0% Низкий	около 7 лет назад
GHSA-r7p7-qr7p-2rrf Symfony Open Redirect	CVSS3: 6.1	0% Низкий	около 3 лет назад
BDU:2019-04112 Уязвимость компонентов DefaultAuthenticationSuccessHandler, DefaultAuthenticationFailureHandler программной платформы для разработки и управления веб-приложениями Symfony, позволяющая нарушителю проводить фишинг-атаки и получить доступ к защищаемой информации	CVSS3: 6.1	0% Низкий	больше 7 лет назад

Уязвимостей на страницу