漏洞标题
"Opencast Authenticated OpenRedirect 漏洞"
漏洞描述信息
开放式认证开放重定向漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
Opencast Authenticated OpenRedirect Vulnerability
漏洞描述信息
Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 12.5, Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. The vulnerability allows attackers to redirect users to sites outside of one's Opencast install, potentially facilitating phishing attacks or other security issues. This issue is fixed in Opencast 12.5 and newer.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
漏洞类别
指向未可信站点的URL重定向(开放重定向)
漏洞标题
Opencast 输入验证错误漏洞
漏洞描述信息
Opencast是Opencast组织的一款用于大规模自动视频捕获,管理和分发的直播视频支撑软件。 Opencast 12.5之前版本存在输入验证错误漏洞。攻击者利用该漏洞将用户重定向到Opencast安装之外的站点,从而可能导致网络钓鱼攻击或其他安全问题。
CVSS信息
N/A
漏洞类别
输入验证错误