Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
AVideo < 20.1 Open Redirect via cancelUri Parameter
Vulnerability Description
AVideo versions prior to 20.1 are vulnerable to an open redirect flaw due to missing validation of the cancelUri parameter during user login. An attacker can craft a link to redirect users to arbitrary external sites, enabling phishing attacks.
CVSS Information
N/A
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
AVideo 输入验证错误漏洞
Vulnerability Description
AVideo是World Wide Broadcast Network开源的一个广播网络创建工具。 AVideo 20.0之前版本存在输入验证错误漏洞,该漏洞源于用户登录期间缺少对cancelUri参数的验证,可能导致开放重定向和钓鱼攻击。
CVSS Information
N/A
Vulnerability Type
N/A