RSS   Vulnerabilities for 'Acymailing'   RSS

2021-05-17
 
CVE-2021-24288

CWE-601
 

 
When subscribing using AcyMailing, the 'redirect' parameter isn't properly sanitized. Turning the request from POST to GET, an attacker can craft a link containing a potentially malicious landing page and send it to the victim.

 


Copyright 2024, cxsecurity.com

 

Back to Top