CVE-2017-1000027

CVE-2017-1000027

EPSS 1.2%

Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable to an open URL redirect vulnerability in the user web login function resulting in unauthorized account access.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://cp270.wordpress.com/2017/02/02/security-advisory-open-url-redirect-in-sme-server/https://forums.contribs.org/index.php/topic%2C52838.0.html