The vulnerability of the web application function of Moxa SDS-3008 microprogrammable Ethernet switches allows a intruder to gain unauthorized access to protected information.

The vulnerability of the web application function of Moxa SDS-3008 Ethernet switch software lies in the insufficient protection of service data when processing URL addresses containing the “/” or “\” character. Exploiting this vulnerability can allow an attacker to gain unauthorized access to...

mod_auth_openidc: Open redirect issue exists in URLs with slash and backslash

An open redirect flaw was discovered in modauthopenidc where it handles logout redirection. The module does not correctly validate the URL, allowing a URL with slash and backslash at the beginning to bypass the protection checks. A victim user may be tricked into visiting a trusted vulnerable web...

mod_auth_openidc open redirect vulnerability

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server. An open redirection vulnerability exists in modauthopenidc versions prior to 2.4.1 for URLs that begin with a slash and backslash. No detailed vulnerability details are provided at this time...

PT-2020-10464 · Apache +5 · Mod Auth Openidc +5

Name of the Vulnerable Software and Affected Versions: mod auth openidc versions prior to 2.4.1 Description: A flaw exists in the handling of URLs with a slash and backslash at the beginning, leading to an open redirect issue. Recommendations: For versions prior to 2.4.1, update to version 2.4.1 ...

CVE-2016-1671

Google Chrome before 50.0.2661.102 on Android mishandles / slash and \ backslash characters, which allows attackers to conduct directory traversal attacks via a file: URL, related to net/base/escape.cc and net/base/filenameutil.cc...