Open Redirect Vulnerability in SHIRASAGI by SHIRASAGI Project
CVE-2020-5607

6.1MEDIUM

Key Information:

Vendor

Shirasagi Project

Status
Shirasagi
Vendor
CVE Published:
10 July 2020

What is CVE-2020-5607?

An open redirect flaw in SHIRASAGI versions up to v1.13.1 allows malicious actors to manipulate web links, redirecting users to unwanted or harmful websites. This vulnerability can be exploited through various attack vectors to initiate phishing attempts, compromising user data and security. It is essential for users and administrators to ensure they update to the latest versions and employ other security measures to mitigate potential risks.

Affected Version(s)

SHIRASAGI v1.13.1 and earlier

References

https://www.ss-proj.org/
x_refsource_MISC
https://github.com/shirasagi/shirasagi
x_refsource_MISC
https://github.com/shirasagi/shirasagi/commit/040a02c9d4b...
x_refsource_MISC

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.