Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Opencast Authenticated OpenRedirect Vulnerability
Vulnerability Description
Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 12.5, Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. The vulnerability allows attackers to redirect users to sites outside of one's Opencast install, potentially facilitating phishing attacks or other security issues. This issue is fixed in Opencast 12.5 and newer.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
Opencast 输入验证错误漏洞
Vulnerability Description
Opencast是Opencast组织的一款用于大规模自动视频捕获,管理和分发的直播视频支撑软件。 Opencast 12.5之前版本存在输入验证错误漏洞。攻击者利用该漏洞将用户重定向到Opencast安装之外的站点,从而可能导致网络钓鱼攻击或其他安全问题。
CVSS Information
N/A
Vulnerability Type
N/A