Open Redirect Vulnerability in Kentico CMS by Kentico Software
CVE-2015-7823

Currently unrated

Key Information:

Vendor: Kentico
Status: Kentico Cms
Vendor: CVE Published:; 21 October 2015

What is CVE-2015-7823?

An open redirect vulnerability exists in the CMSPages/GetDocLink.ashx file of Kentico CMS versions 8.2 through 8.2.41. This flaw allows remote attackers to redirect users to arbitrary external websites by crafting a malicious URL in the link parameter. Exploiting this vulnerability can lead to phishing attacks, where attackers mimic legitimate sites to steal sensitive information from unsuspecting users.

References

http://packetstormsecurity.com/files/133981/Kentico-CMS-8...

x_refsource_MISC

EPSS Score

27% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 21, 2015
Vulnerability Reserved
Oct 14, 2015