EPSS
Percentile
35.7%
Cloudfoundry UAA is vulnerable to open redirection.The redirect URI is not properly validated to filter wildcard characters, allowing a remote unauthenticated user to enter malicious URI to get a UAA access code.
github.com/cloudfoundry/uaa/commit/7ffadabf7a9084bd613b59f048b355c27723037a
www.cloudfoundry.org/blog/cve-2019-3788
www.cloudfoundry.org/blog/cve-2019-3788/