Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Pachno 1.0.6 Open Redirection via return_to Parameter
Vulnerability Description
Pachno 1.0.6 contains an open redirection vulnerability that allows attackers to redirect users to arbitrary external websites by manipulating the return_to parameter. Attackers can craft malicious login URLs with unvalidated return_to values to conduct phishing attacks and steal user credentials.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Vulnerability Type
使用基本弱点进行的认证绕过
Vulnerability Title
Pachno 安全漏洞
Vulnerability Description
Pachno是Pachno开源的一个用于协作的开源平台。 Pachno 1.0.6版本存在安全漏洞,该漏洞源于未验证return_to参数,可能导致开放重定向和钓鱼攻击。
CVSS Information
N/A
Vulnerability Type
N/A