Lucene search
Veracode Vulnerability DatabaseVERACODE:5637HistoryJan 04, 2018 - 3:20 a.m.
Open Redirect
2018-01-0403:20:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.001 Low
EPSS
Percentile
31.5%
Products.CMFPlone is vulnerable to open redirect attacks. These attacks are possible because the came_from parameter will be set to the previous URL a user tried to access regardless of whether it is in portal or not.
| CPE | Name | Operator | Version |
|---|---|---|---|
| products.cmfplone | le | 4.3.19 | |
| products.cmfplone | le | 5.1.6 |
Related
cve
cve
CVE-2017-1000481
2022-10-03 16:23:09
cvelist
cvelist
CVE-2017-1000481
2022-10-03 16:23:09
prion
prion
Information disclosure
2018-01-03 18:29:00
osv
osv
Products.CMFPlone Open Redirect Vulnerability
2022-05-14 03:49:10
CVE-2017-1000481
2018-01-03 18:29:00
PYSEC-2018-70
2018-01-03 18:29:00
redhatcve
redhatcve
CVE-2017-1000481
2018-01-09 05:50:20
nvd
nvd
CVE-2017-1000481
2018-01-03 18:29:00
github
github
Products.CMFPlone Open Redirect Vulnerability
2022-05-14 03:49:10
nessus
nessus
RHEL 5 : conga (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 5 : plone (Unpatched Vulnerability)
2024-05-11 00:00:00