Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
cyface Terms and Conditions Module views.py returnTo redirect
Vulnerability Description
A vulnerability has been found in cyface Terms and Conditions Module up to 2.0.9 and classified as problematic. Affected by this vulnerability is the function returnTo of the file termsandconditions/views.py. The manipulation leads to open redirect. The attack can be launched remotely. Upgrading to version 2.0.10 is able to address this issue. The name of the patch is 03396a1c2e0af95e12a45c5faef7e47a4b513e1a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216175.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
Django Terms and Conditions 输入验证错误漏洞
Vulnerability Description
Django Terms and Conditions是Tim L. White个人开发者的一个 Django 模块。为您提供了一种可配置的方式,可以在用户访问网站之前将其发送到 T&C 接受页面。 Django Terms and Conditions 2.0.10版本及之前版本存在输入验证错误漏洞。攻击者利用该漏洞导致打开重定向。
CVSS Information
N/A
Vulnerability Type
N/A