URL Redirection to Untrusted Site ('Open Redirect')
CVE-2016-7137
Summary
Multiple open redirect vulnerabilities in Products.CMFFormController through 3.0.7 and 3.1.x up to 3.1.2; CMFQuickInstallerTool up to 3.0.13; plone.app.portlets up to 2.5.5, 3.x up to 3.1.4 and 4.x up to 4.2; plone.app.discussion up to 2.2.18, 2.3.x up to 2.4.17 and plone.app.content up to 2.1.5 and 2.2.0 up to 3.3 in Plone allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer parameter to (1) %2b%2bgroupdashboard%2b%2bplone.dashboard1%2bgroup/%2b/portlets.Actions or (2) folder/%2b%2bcontextportlets%2b%2bplone.footerportlets/%2b /portlets.Actions or the (3) came_from parameter to /login_form.
- LOW
- NETWORK
- LOW
- CHANGED
- REQUIRED
- NONE
- LOW
- NONE
CWE-601 - Open Redirect
An open redirect attack employs a URL parameter, HTML refresh tags, or a DOM based location change to exploit the trust of a vulnerable domain to direct the users to a malicious website. The attack could lead to higher severity vulnerabilities such as unauthorized access control, account takeover, XSS, and more.
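The mitigation for this weakness class is to accept a redirect parameter such as `came_from` or `referer` only when it resolves to the site's own origin. The validator below is an added example, not Plone's own code; the site origin, function names and sample inputs are constructed for illustration.

```python
"""Added example (not Plone's code): accept a post-login redirect target only
when it resolves to the site's own scheme and host. SITE and the function
names are assumptions made for this illustration."""
from urllib.parse import urlsplit, urljoin

SITE = "https://plone.example"  # constructed sample origin


def is_safe_redirect(target: str, site: str = SITE) -> bool:
    """True only if ``target`` lands on the same scheme+host as ``site``."""
    if not target:
        return False
    target = target.strip()
    # CR/LF/NUL in a Location value invite header injection; refuse outright.
    if any(c in target for c in "\r\n\x00"):
        return False
    # Browsers treat backslashes like slashes; normalise before any check so
    # "/\\evil.example" cannot pass as a path that merely starts with "/".
    target = target.replace("\\", "/")
    # "//host" is scheme-relative and "///host" is parsed by browsers as an
    # authority too, while urljoin keeps it as a path: reject both up front.
    if target.startswith("//"):
        return False
    site_parts = urlsplit(site)
    parts = urlsplit(urljoin(site, target))
    # Comparing scheme and host together rejects javascript:/data: targets,
    # foreign hosts, userinfo tricks ("site@evil") and https->http downgrades.
    return (parts.scheme.lower(), parts.netloc.lower()) == (
        site_parts.scheme.lower(), site_parts.netloc.lower())


def safe_redirect(target: str, site: str = SITE, default: str = "/") -> str:
    """Absolute URL to redirect to: ``target`` if safe, else ``default`` on site."""
    if is_safe_redirect(target, site):
        return urljoin(site, target.strip().replace("\\", "/"))
    return urljoin(site, default)
```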
Advisory Timeline
- Published