CVE-2020-23015

An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered and can redirect user to any website.
References
Link Resource
https://github.com/opnsense/core/issues/4061 Exploit Issue Tracking Third Party Advisory
https://github.com/opnsense/core/issues/4061 Exploit Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:opnsense:opnsense:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:13

Type Values Removed Values Added
References () https://github.com/opnsense/core/issues/4061 - Exploit, Issue Tracking, Third Party Advisory () https://github.com/opnsense/core/issues/4061 - Exploit, Issue Tracking, Third Party Advisory

Information

Published : 2021-05-03 22:15

Updated : 2024-11-21 05:13


NVD link : CVE-2020-23015

Mitre link : CVE-2020-23015

CVE.ORG link : CVE-2020-23015


JSON object : View

Products Affected

opnsense

  • opnsense
CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')