A vulnerability, which was classified as problematic, was found in LinuxOSsk Shakal-NG up to 1.3.3. Affected is an unknown function of the file comments/views.py. The manipulation of the argument next leads to open redirect. It is possible to launch the attack remotely. The name of the patch is ebd1c2cba59cbac198bf2fd5a10565994d4f02cb. It is recommended to apply a patch to fix this issue.
References
Link | Resource |
---|---|
https://github.com/LinuxOSsk/Shakal-NG/commit/ebd1c2cba59cbac198bf2fd5a10565994d4f02cb | Patch |
https://github.com/LinuxOSsk/Shakal-NG/issues/202 | Exploit Issue Tracking |
https://github.com/LinuxOSsk/Shakal-NG/issues/202#issuecomment-2325187434 | Exploit Issue Tracking |
https://vuldb.com/?ctiid.276492 | Permissions Required |
https://vuldb.com/?id.276492 | Third Party Advisory |
https://vuldb.com/?submit.400792 | Third Party Advisory |
Configurations
History
12 Sep 2024, 16:47
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/LinuxOSsk/Shakal-NG/commit/ebd1c2cba59cbac198bf2fd5a10565994d4f02cb - Patch | |
References | () https://github.com/LinuxOSsk/Shakal-NG/issues/202 - Exploit, Issue Tracking | |
References | () https://github.com/LinuxOSsk/Shakal-NG/issues/202#issuecomment-2325187434 - Exploit, Issue Tracking | |
References | () https://vuldb.com/?ctiid.276492 - Permissions Required | |
References | () https://vuldb.com/?id.276492 - Third Party Advisory | |
References | () https://vuldb.com/?submit.400792 - Third Party Advisory | |
CPE | cpe:2.3:a:linuxos:shakal-ng:*:*:*:*:*:*:*:* | |
First Time |
Linuxos
Linuxos shakal-ng |
|
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 6.1 |
05 Sep 2024, 12:53
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
04 Sep 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-04 16:15
Updated : 2024-09-12 16:47
NVD link : CVE-2024-8412
Mitre link : CVE-2024-8412
CVE.ORG link : CVE-2024-8412
JSON object : View
Products Affected
linuxos
- shakal-ng
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')