Open redirect

2023-08-0919:15:00

PRIOn knowledge base

www.prio-n.com

opnsense

open redirect

web security

nvd

6.1 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

An open redirect in the Login page of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to redirect a victim user to an arbitrary web site via a crafted URL.

CPENameOperatorVersion
opnsenselt23.7

CPE	Name	Operator	Version
	opnsense	lt	23.7

References

github.com/opnsense/core/commit/6bc025af1705dcdd8ef22ff5d4fcb986fa4e45f8

logicaltrust.net/blog/2023/08/opnsense.html