Enhancement: cves/2023/CVE-2023-24735.yaml by md

2023-04-14 12:24:57 -04:00 · 2023-04-14 12:24:57 -04:00 · 4d0d9e3d9d
parent 2807efa3f0
commit 4d0d9e3d9d
1 changed files with 5 additions and 3 deletions
--- a/cves/2023/CVE-2023-24735.yaml
+++ b/cves/2023/CVE-2023-24735.yaml
@ -1,15 +1,15 @@
 id: CVE-2023-24735

 info:
-  name: PMB v7.4.6 - Open Redirect
+  name: PMB 7.4.6 - Open Redirect
  author: r3Y3r53
  severity: medium
  description: |
-    PMB v7.4.6 was discovered to contain an open redirect vulnerability via the component /opac_css/pmb.php. This vulnerability allows attackers to redirect victim users to an external domain via a crafted URL.
+    PMB v7.4.6 contains an open redirect vulnerability via the component /opac_css/pmb.php. An attacker can redirect a user to an external domain via a crafted URL and thereby potentially obtain sensitive information, modify data, and/or execute unauthorized operations.
  reference:
    - https://github.com/AetherBlack/CVE/blob/main/PMB/readme.md
-    - https://nvd.nist.gov/vuln/detail/CVE-2023-24735
    - https://github.com/AetherBlack/CVE/tree/main/PMB
+    - https://nvd.nist.gov/vuln/detail/CVE-2023-24735
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
@ -30,3 +30,5 @@ requests:
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)oast\.me\/?(\/|[^.].*)?$'
+
+# Enhanced by md on 2023/04/14