漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
CloudPanel Community Edition HTTP Header users redirect
Vulnerability Description
A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 2.5.2 is sufficient to fix this issue. Upgrading the affected component is recommended.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
CloudPanel 输入验证错误漏洞
Vulnerability Description
CloudPanel是CloudPanel开源的一款免费软件。用于配置和管理服务器。 CloudPanel 2.5.1及之前版本存在输入验证错误漏洞,该漏洞源于对组件HTTP Header Handler中文件/admin/users参数Referer的错误操作,可能导致重定向。
CVSS Information
N/A
Vulnerability Type
N/A