CVE-2017-1000027

CVE-2017-1000027

EPSS 1.2%

Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable to an open URL redirect vulnerability in the user web login function resulting in unauthorized account access.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://cp270.wordpress.com/2017/02/02/security-advisory-open-url-redirect-in-sme-server/https://forums.contribs.org/index.php/topic%2C52838.0.html