2 matches found
CVE-2018-8937
An issue was discovered in Open-AudIT Professional 2.1. It is possible to inject a malicious payload in the redirecturl parameter to the /login URI to trigger an open redirect. A "data:text/html;base64," payload can be used with JavaScript code...
CVE-2018-8937
Open-AudIT Professional 2.1 contains an open redirect vulnerability triggered by injecting a malicious payload into the redirect_url parameter of the /login URI. The issue, described across multiple sources (including CVE-2018-8937 and CNVD/CVE records), can be exploited using a data:text/html;ba...