PT-2024-17853 · Ruifang Tech · Ruifang-Tech Rebuild

Name of the Vulnerable Software and Affected Versions: ruifang-tech Rebuild version 3.8.6 Description: A vulnerability was found in the Admin Verification Page of the affected software, specifically in the file /user/admin-verify. The issue is related to the manipulation of the nexturl argument,...

Ruifang-tech Rebuild 安全漏洞

Ruifang-tech Rebuild is a zero-code, open-source and free enterprise management system from China Ruifang Ruifang-tech. A security vulnerability exists in Ruifang-tech Rebuild version 3.8.6. An attacker can exploit the vulnerability by incorrectly manipulating the nexturl parameter with the input...

CVE-2024-43794 OpenSearch Dashboards Security Plugin improper validation of nextUrl can lead to external redirect

OpenSearch Dashboards Security Plugin adds a configuration management UI for the OpenSearch Security features to OpenSearch Dashboards. Improper validation of the nextUrl parameter can lead to external redirect on login to OpenSearch-Dashboards for specially crafted parameters. A patch is availab...

OpenSearch Dashboards Security Plugin 安全漏洞

OpenSearch Dashboards Security Plugin is an OpenSearch Dashboards Security Plugin for OpenSearch open source. A security vulnerability exists in OpenSearch Dashboards Security Plugin versions prior to 1.3.19 and prior to 2.16.0 that stems from improper validation of the nextUrl parameter, which m...