28 matches found
Phoenix framework 安全漏洞
Phoenix framework is Phoenix framework open source a functional programming language Elixir written in the Web development framework. A security vulnerability exists in Phoenix framework versions prior to 1.6.14, which stems from its socket/transport.ex incorrectly handling the checkorigin wildca...
Phoenix Framework Redirection Vulnerability
Phoenix Framework is a set of resource management and testing as one of the Web automation testing framework . The framework supports unscripted execution , unattended execution and free customization and other execution modes . A redirection vulnerability exists in Phoenix Framework. An attacker...
Design/Logic Flaw
The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks...
CVE-2017-1000163
The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks...
CVE-2017-1000163
The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks...
CVE-2017-1000163
The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks...
CVE-2017-1000163
The connected Nuclei template confirms a concrete open redirect vulnerability in Phoenix Framework versions 1.0.0–1.0.4, 1.1.0–1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0. The issue stems from unvalidated URL redirection, enabling phishing/social-engineering via crafted links. Impact is an attacker crafti...
Sobelow - Security-Focused Static Analysis for the Phoenix Framework
Sobelow is a security-focused static analysis tool for the Phoenix framework. For security researchers, it is a useful tool for getting a quick view of points-of-interest. For project maintainers, it can be used to prevent introducing a number of common vulnerabilities. Currently Sobelow detects...