Lucene search
Veracode Vulnerability DatabaseVERACODE:36555HistoryAug 02, 2022 - 4:56 a.m.
Open Redirect
2022-08-0204:56:29
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
0.001 Low
EPSS
Percentile
31.0%
dspace-jspui is vulnerable to open redirect attacks. The vulnerability exists through the controlled vocabulary feature in the doDSGet function of ControlledVocabularyServlet.java, allowing an attacker to redirect to malicious websites by providing maliciously crafted urls
| CPE | Name | Operator | Version |
|---|---|---|---|
| dspace jsp-ui | le | 6.3 | |
| dspace jsp-ui | le | 3.6 | |
| dspace jsp-ui | le | 5.10 | |
| dspace jsp-ui | le | 4.9 | |
| dspace jsp-ui | le | 6.3 | |
| dspace jsp-ui | le | 3.6 | |
| dspace jsp-ui | le | 5.10 | |
| dspace jsp-ui | le | 4.9 |
Related
cve
cve
CVE-2022-31193
2022-08-01 21:15:13
cvelist
cvelist
CVE-2022-31193 URL Redirection to Untrusted Site in Dspace JSPUI
2022-08-01 20:25:12
osv
osv
CVE-2022-31193
2022-08-01 21:15:13
nvd
nvd
CVE-2022-31193
2022-08-01 21:15:13
github
github
prion
prion
Open redirect
2022-08-01 21:15:00