3 matches found
CVE-2018-6520
SimpleSAMLphp before 1.15.2 allows remote attackers to bypass an open redirect protection mechanism via crafted authority data in a URL...
CVE-2018-6520
SimpleSAMLphp before 1.15.2 is vulnerable to an open redirect protection bypass through crafted authority data in a URL. The underlying issue is in the URL handling that allows bypass of redirect protections, enabling potential open redirects. Affected component: SimpleSAMLphp (prior to 1.15.2). ...
CVE-2018-6520
SimpleSAMLphp before 1.15.2 allows remote attackers to bypass an open redirect protection mechanism via crafted authority data in a URL...