Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Open Redirect in Login Function of Calendarinho
Vulnerability Description
Calendarinho is an open source calendaring application to manage large teams of consultants. An Open Redirect issue occurs when a web application redirects users to external URLs without proper validation. This can lead to phishing attacks, where users are tricked into visiting malicious sites, potentially leading to information theft and reputational damage to the website used for redirection. The problem is has been patched in commit `15b2393`. Users are advised to update to a commit after `15b2393`. There are no known workarounds for this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
Calendarinho 输入验证错误漏洞
Vulnerability Description
Calendarinho是一个开源日历应用程序,用于管理大型顾问团队。 Calendarinho 15b2393之前版本存在输入验证错误漏洞,该漏洞源于存在开放重定向问题,可能会导致网络钓鱼攻击,诱骗用户访问恶意网站。
CVSS Information
N/A
Vulnerability Type
N/A