Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2023-6380
HistoryDec 13, 2023 - 11:15 a.m.

CVE-2023-6380

2023-12-1311:15:07
Google
osv.dev
4
open cms
mercury template
open redirect vulnerability
sanitization
software
exploitation

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

6.6

Confidence

High

EPSS

0.016

Percentile

87.5%

JSON

Open redirect vulnerability has been found in the Open CMS product affecting versions 14 and 15 of the ‘Mercury’ template. An attacker could create a specially crafted URL and send it to a specific user to redirect them to a malicious site and compromise them. Exploitation of this vulnerability is possible due to the fact that there is no proper sanitization of the ‘URI’ parameter.

Related

cve 1
cvelist 1
vulnrichment 1
nuclei 1
nvd 1
prion 1
cve
cve
CVE-2023-6380
2023-12-13 11:15:07
cvelist
cvelist
CVE-2023-6380 Open Redirect in Alkacon Software OpenCms
2023-12-13 10:54:35
vulnrichment
vulnrichment
CVE-2023-6380 Open Redirect in Alkacon Software OpenCms
2023-12-13 10:54:35
nuclei
nuclei
OpenCms 14 & 15 - Open Redirect
2023-12-06 06:11:01
nvd
nvd
CVE-2023-6380
2023-12-13 11:15:07
prion
prion
Open redirect
2023-12-13 11:15:00

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

6.6

Confidence

High

EPSS

0.016

Percentile

87.5%

JSON
Related for OSV:CVE-2023-6380
cve1cvelist1vulnrichment1nuclei1nvd1prion1