We found results for “”
WS-2016-7127
Good to know:
Date: August 23, 2016
In Ghost headless CMS, versions 0.5.2 through 0.9.0 are vulnerable to Open Redirect vulnerability, which allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks.
Language: JS
Severity Score
Severity Score
Weakness Type (CWE)
URL Redirection to Untrusted Site ('Open Redirect')
CWE-601Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | CHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | NONE |