CVE-2014-7292

2014-10-2314:55:02

[email protected]

web.nvd.nist.gov

cve-2014-7292

open redirect

vulnerability

newtelligence dasblog

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

84.1%

JSON

Open redirect vulnerability in the Click-Through feature in Newtelligence dasBlog 2.1 (2.1.8102.813), 2.2 (2.2.8279.16125), and 2.3 (2.3.9074.18820) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter to ct.ashx.

Affected configurations

NVD

Node

newtelligencedasblogMatch2.12.1.8102.813

newtelligencedasblogMatch2.22.2.8279.16125

newtelligencedasblogMatch2.32.3.9074.18820

CPENameOperatorVersion
newtelligence:dasblognewtelligence dasblogeq2.1
newtelligence:dasblognewtelligence dasblogeq2.2
newtelligence:dasblognewtelligence dasblogeq2.3