6.8 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
16.6%
An open redirect in the Login page of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to redirect a victim user to an arbitrary web site via a crafted URL.
github.com/opnsense/core/commit/6bc025af1705dcdd8ef22ff5d4fcb986fa4e45f8
logicaltrust.net/blog/2023/08/opnsense.html