CVE-2020-23015

An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered and can redirect user to any website.
References
Link Resource
https://github.com/opnsense/core/issues/4061 Exploit Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:opnsense:opnsense:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-05-03 22:15

Updated : 2024-02-28 18:28


NVD link : CVE-2020-23015

Mitre link : CVE-2020-23015

CVE.ORG link : CVE-2020-23015


JSON object : View

Products Affected

opnsense

  • opnsense
CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')