Opencast Authenticated OpenRedirect Vulnerability

Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 12.5, Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. The vulnerability allows attackers to redirect users to sites outside of one's Opencast install, potentially facilitating phishing attacks or other security issues. This issue is fixed in Opencast 12.5 and newer.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

指向未可信站点的URL重定向(开放重定向)

Opencast 输入验证错误漏洞

Opencast是Opencast组织的一款用于大规模自动视频捕获，管理和分发的直播视频支撑软件。 Opencast 12.5之前版本存在输入验证错误漏洞。攻击者利用该漏洞将用户重定向到Opencast安装之外的站点，从而可能导致网络钓鱼攻击或其他安全问题。

N/A

N/A