Update CVE-2018-1000671.yaml

patch-1
Roberto Nunes 2022-07-21 07:51:08 +09:00 committed by GitHub
parent a4eedf50df
commit 8eb09f96de
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions

View File

@ -4,7 +4,7 @@ info:
name: Sympa version 6.2.16 - Open redirect and XSS name: Sympa version 6.2.16 - Open redirect and XSS
author: 0x_Akoko author: 0x_Akoko
severity: medium severity: medium
description: sympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site vulnerability in The referer parameter of the wwsympa fcgi login action. that can result in Open redirection and reflected XSS via data URIs. description: sympa version 6.2.16 and later contains a URL Redirection to Untrusted Site vulnerability in The referer parameter of the wwsympa fcgi login action that can result in Open redirection and reflected XSS via data URIs
reference: reference:
- https://github.com/sympa-community/sympa/issues/268 - https://github.com/sympa-community/sympa/issues/268
- https://www.cvedetails.com/cve/CVE-2018-1000671 - https://www.cvedetails.com/cve/CVE-2018-1000671