Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple open redirect vulnerabilities in Bonita BPM Portal before 6.5.3 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the redirectUrl parameter to (1) bonita/login.jsp or (2) bonita/loginservice.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Bonitasoft Bonita BPM Portal 安全漏洞
Vulnerability Description
Bonitasoft Bonita BPM是美国Bonitasoft公司的一套开源的业务流程管理平台(BPM),它支持自由地创建和管理可定制的业务应用程序。Bonita BPM Portal是其中的一个门户产品。 Bonitasoft Bonita BPM Portal 6.5.3之前版本中存在开放重定向漏洞。远程攻击者可利用该漏洞将用户重定向到任意的网站并实施钓鱼攻击。
CVSS Information
N/A
Vulnerability Type
N/A