CodeCanyon RISE Rise Ultimate Project Manager signin redirect
CVE-2024-0545

6.9MEDIUM

Key Information:

Vendor: Codecanyon
Status: Rise Ultimate Project Manager
Vendor: CVE Published:; 15 January 2024

What is CVE-2024-0545?

A vulnerability classified as problematic was found in CodeCanyon RISE Ultimate Project Manager 3.5.3. This vulnerability affects unknown code of the file /index.php/signin. The manipulation of the argument redirect with the input http://evil.com leads to open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Affected Version(s)

RISE Ultimate Project Manager 3.5.3

References

https://vuldb.com/?id.250714

vdb-entrytechnical-description

https://vuldb.com/?ctiid.250714

signaturepermissions-required

https://vuldb.com/?submit.266974

third-party-advisory

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 15, 2024
Vulnerability Reserved
Jan 14, 2024

Credit

dhina016 (VulDB User)

CVE-2024-0545 Data

JSON

Codecanyon

What is CVE-2024-0545?

Affected Version(s)

References

CVSS V4

Timeline

Credit