1 results (0.002 seconds)
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0
CVE-2017-20164 – Symbiote Seed Login SecurityLoginExtension.php onBeforeSecurityLogin redirect
https://notcve.org/view.php?id=CVE-2017-20164
A vulnerability was found in Symbiote Seed up to 6.0.2. It has been classified as critical. Affected is the function onBeforeSecurityLogin of the file code/extensions/SecurityLoginExtension.php of the component Login. The manipulation of the argument URL leads to open redirect. It is possible to launch the attack remotely. • https://github.com/symbiote/silverstripe-seed/commit/b065ebd82da53009d273aa7e989191f701485244 https://github.com/symbiote/silverstripe-seed/releases/tag/6.0.3 https://vuldb.com/?ctiid.217626 https://vuldb.com/?id.217626 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •