Open redirect vulnerability in Users/Account/LogOff in Orchard 1.0.x prior to 1.0.21, 1.1.x prior to 1.1.31, 1.2.x prior to 1.2.42, and 1.3.x prior to 1.3.10 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the ReturnUrl parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
orchardproject orchard 1.0.20 |
||
orchardproject orchard 1.0 |
||
orchardproject orchard 1.1 |
||
orchardproject orchard 1.1.30 |
||
orchardproject orchard 1.2.41 |
||
orchardproject orchard 1.2 |
||
orchardproject orchard 1.3 |
||
orchardproject orchard 1.3.9 |
||
orchardproject orchard 1.3.10 |