Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple open redirect vulnerabilities in One Click Orgs before 1.2.3 allow (1) remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the return_to parameter, and allow (2) remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via crafted characters in the domain name of a subdomain.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
One Click Orgs输入验证漏洞
Vulnerability Description
One Click Orgs 1.2.3之前的版本中存在多个开放重定向漏洞。(1)远程攻击者可借助return_to参数将用户重定向到任意web网站进而执行网络钓鱼攻击,(2)远程认证用户借助子域域名中特制的字符将用户重定向到任意web网站进而执行网络钓鱼攻击。
CVSS Information
N/A
Vulnerability Type
N/A