Lucene search

[email protected]NVD:CVE-2023-45202

HistoryNov 01, 2023 - 11:15 p.m.

CVE-2023-45202

2023-11-0123:15:07

CWE-601

[email protected]

web.nvd.nist.gov

open redirect

online examination system

vulnerability

feed.php

crafted url

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.0005 Low

EPSS

Percentile

16.9%

JSON

Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The ‘q’ parameter of the feed.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.

Affected configurations

NVD

Node

projectworldsonline_examination_systemMatch1.0

References

fluidattacks.com/advisories/uchida

projectworlds.in/

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.0005 Low

EPSS

Percentile

16.9%

JSON

Related for NVD:CVE-2023-45202

cve1 prion1 cvelist1