CVE-2017-20164

🗓️ 07 Jan 2023 19:25:53Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 52 Views🌐 WEB

CVE-2017-20164 vulnerability in Symbiote Seed up to 6.0.2 allows remote attackers to conduct open redirect via manipulation of the URL argument in code/extensions/SecurityLoginExtension.ph

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2017-20164	8 Jan 202306:13	–	circl
CNNVD	Symbiote Seed 输入验证错误漏洞	7 Jan 202300:00	–	cnnvd
Cvelist	CVE-2017-20164 Symbiote Seed Login SecurityLoginExtension.php onBeforeSecurityLogin redirect	7 Jan 202319:25	–	cvelist
EUVD	EUVD-2023-0575	3 Oct 202520:07	–	euvd
Github Security Blog	Symbiote Seed Open Redirect vulnerability	7 Jan 202321:30	–	github
NVD	CVE-2017-20164	7 Jan 202320:15	–	nvd
OSV	GHSA-WM32-3R4M-JVCC Symbiote Seed Open Redirect vulnerability	7 Jan 202321:30	–	osv
Prion	Open redirect	7 Jan 202320:15	–	prion
Positive Technologies	PT-2023-10616 · Unknown · Symbiote Seed	7 Jan 202300:00	–	ptsecurity
RedhatCVE	CVE-2017-20164	22 May 202510:47	–	redhatcve

NVD

Vulners

Node

symbiote seedRange6.0.0–6.0.3silverstripe

[
  {
    "vendor": "Symbiote",
    "product": "Seed",
    "versions": [
      {
        "version": "6.0.0",
        "status": "affected"
      },
      {
        "version": "6.0.1",
        "status": "affected"
      },
      {
        "version": "6.0.2",
        "status": "affected"
      }
    ],
    "modules": [
      "Login"
    ]
  }
]

Source	Link
github	www.github.com/symbiote/silverstripe-seed/releases/tag/6.0.3
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/symbiote/silverstripe-seed/commit/b065ebd82da53009d273aa7e989191f701485244

Parameter	Position	Path	Description	CWE
URL	nested	code/extensions/SecurityLoginExtension.php	Open redirect via manipulated URL argument in onBeforeSecurityLogin	CWE-601

21 Nov 2024 03:22Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.16.1 - 6.3

CVSS 26.5

CVSS 36.3

EPSS0.00273

SSVC

CWE-601