Количество 2
Количество 2
CVE-2024-1440
An open redirection vulnerability exists in multiple WSO2 products due to improper validation of the multi-option URL in the authentication endpoint when multi-option authentication is enabled. A malicious actor can craft a valid link that redirects users to an attacker-controlled site. By exploiting this vulnerability, an attacker may trick users into visiting a malicious page, enabling phishing attacks to harvest sensitive information or perform other harmful actions.
GHSA-cp5v-2hmc-3vjx
WSO2 is vulnerable to Open Redirect through multi-option URL in its authentication endpoint
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-1440 An open redirection vulnerability exists in multiple WSO2 products due to improper validation of the multi-option URL in the authentication endpoint when multi-option authentication is enabled. A malicious actor can craft a valid link that redirects users to an attacker-controlled site. By exploiting this vulnerability, an attacker may trick users into visiting a malicious page, enabling phishing attacks to harvest sensitive information or perform other harmful actions. | CVSS3: 5.4 | 0% Низкий | 8 месяцев назад |
| GHSA-cp5v-2hmc-3vjx WSO2 is vulnerable to Open Redirect through multi-option URL in its authentication endpoint | CVSS3: 5.4 | 0% Низкий | 8 месяцев назад |
Уязвимостей на страницу