Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threat from this liability is to confidentiality and integrity.
CVSS Information
N/A
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
mod_auth_mellon 输入验证错误漏洞
Vulnerability Description
mod_auth_mellon是一款使用在Apache中的身份验证模块。 mod_auth_mellon存在安全漏洞。该漏洞源于mod auth mellon没有正确地清除注销url。攻击者可利用该漏洞诱骗用户访问一个经过伪装的可信任的web应用程序URL,该URL会重定向到一个外部的、潜在的恶意服务器,从而实施钓鱼攻击。该漏洞最大威胁是影响系统的机密性和完整性。
CVSS Information
N/A
Vulnerability Type
N/A