CVE-2018-14474

CVE-2018-14474

EPSS 2.3%

views/auth.go in Orange Forum 1.4.0 allows Open Redirection via the next parameter to /login or /signup.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/s-gv/orangeforum/commit/1f6313cb3a1e755880fc1354f3e1efc4dd2dd4aa