CVE-2018-17422

2019-03-0723:29:01

Google

osv.dev

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.3%

JSON

dotCMS before 5.0.2 has open redirects via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter.

CPENameOperatorVersion
coreeq3.6.0
coreeq3.2.1
coreeq3.5_Preview02
coreeqpre3.5buildrevert
coreeq3.0
coreeq3.7.1
coreeq3.5_Preview01
coreeq5.0.1
coreeq5.0.0
coreeq3.6.1