3 matches found
CVE-2022-25295
Open Redirect in Gophish before 0.12.0 (github.com/gophish/gophish). The vulnerability arises in the next parameter handling: the code parses r.FormValue("next") and redirects to a relative URL; if next begins with multiple backslashes (\\example.com), the browser can be redirected to http://exam...
CVE-2022-25295 Open Redirect
This affects the package github.com/gophish/gophish before 0.12.0. The Open Redirect vulnerability exists in the next query parameter. The application uses url.Parser.FormValue"next" to extract path and eventually redirect user to a relative URL, but if next parameter starts with multiple...
CVE-2022-25295 Open Redirect
This affects the package github.com/gophish/gophish before 0.12.0. The Open Redirect vulnerability exists in the next query parameter. The application uses url.Parser.FormValue"next" to extract path and eventually redirect user to a relative URL, but if next parameter starts with multiple...