Vulnerability CVE-2021-45408
Published: 2022-02-04

Description:
Open Redirect vulnerability exists in SeedDMS 6.0.15 in out.Login.php, which llows remote malicious users to redirect users to malicious sites using the "referuri" parameter.

Type:

CWE-601

 (URL Redirection to Untrusted Site ('Open Redirect'))

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.8/10
4.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None
Affected software
Seeddms -> Seeddms 

 References:
https://sunil-singh.notion.site/SeedDMS-6-0-15-Open-Redirect-85be8b681b2947a2a75e7416cb56670c
Copyright 2024, cxsecurity.com

 

Back to Top