16 matches found
CVE-2024-55017
Account Takeover in Corezoid 6.6.0 in the OAuth2 implementation via an open redirect in the redirecturi parameter allows attackers to intercept authorization codes and gain unauthorized access to victim accounts...
CVE-2024-55017
Account Takeover in Corezoid 6.6.0 in the OAuth2 implementation via an open redirect in the redirecturi parameter allows attackers to intercept authorization codes and gain unauthorized access to victim accounts...
CVE-2024-55017
Account Takeover in Corezoid 6.6.0 in the OAuth2 implementation via an open redirect in the redirecturi parameter allows attackers to intercept authorization codes and gain unauthorized access to victim accounts...
CVE-2024-55017
Account Takeover in Corezoid 6.6.0 in the OAuth2 implementation via an open redirect in the redirecturi parameter allows attackers to intercept authorization codes and gain unauthorized access to victim accounts...
Corezoid Process Engine 安全漏洞
Corezoid Process Engine is an application from Corezoid, Inc. helps companies build, manage, host and run processes in the cloud. A security vulnerability exists in Corezoid Process Engine version 6.6.0, which stems from the presence of an open redirection in the redirecturi parameter in the OAut...
CVE-2024-55017
Account Takeover in Corezoid 6.6.0 in the OAuth2 implementation via an open redirect in the redirecturi parameter allows attackers to intercept authorization codes and gain unauthorized access to victim accounts...
PT-2025-40019
Name of the Vulnerable Software and Affected Versions Corezoid version 6.6.0 Description An issue exists in the OAuth2 implementation of Corezoid that allows for account takeover. The vulnerability is due to an open redirect within the redirect uri parameter. This allows attackers to intercept...
CVE-2024-55017
CVE-2024-55017 concerns Corezoid 6.6.0. The vulnerability arises in the OAuth2 flow via an open redirect in the redirect_uri parameter, enabling an attacker to intercept authorization codes and gain unauthorized access to victim accounts. Documents consistently describe an account takeover risk d...
CVE-2024-27592
Open Redirect vulnerability in Corezoid Process Engine v6.5.0 allows attackers to redirect to arbitrary websites via appending a crafted link to /login/ in the login page URL...
CVE-2024-27592
Open Redirect vulnerability in Corezoid Process Engine v6.5.0 allows attackers to redirect to arbitrary websites via appending a crafted link to /login/ in the login page URL...
CVE-2024-27592
Open Redirect vulnerability in Corezoid Process Engine v6.5.0 allows attackers to redirect to arbitrary websites via appending a crafted link to /login/ in the login page URL...
CVE-2024-27592
Open Redirect vulnerability CVE-2024-27592 affects Corezoid Process Engine v6.5.0. Multiple sources (NVD/Red Hat/CNNVD/CVE list) describe attackers being able to redirect users to arbitrary websites by appending a crafted link to the /login/ URL on the login page. The root cause is an open redire...
Corezoid helm 安全漏洞
Corezoid helm is a library. A security vulnerability exists in Corezoid helm version v6.5.0, which originates from a vulnerability that allows an attacker to redirect to an arbitrary website by appending a crafted /login/ link to the login page URL...
CVE-2024-27592
Open Redirect vulnerability in Corezoid Process Engine v6.5.0 allows attackers to redirect to arbitrary websites via appending a crafted link to /login/ in the login page URL...
CVE-2024-27592
Open Redirect vulnerability in Corezoid Process Engine v6.5.0 allows attackers to redirect to arbitrary websites via appending a crafted link to /login/ in the login page URL...
PT-2024-21959 · Unknown · Corezoid Process Engine
Name of the Vulnerable Software and Affected Versions: Corezoid Process Engine version 6.5.0 Description: The issue allows attackers to redirect users to arbitrary websites by appending a crafted link to the /login/ endpoint in the login page URL. This can be exploited by adding a malicious link ...