Authenticate/SWT in Progress Sitefinity 9.1 has an open redirect issue in which an authentication token is sent to the redirection target, if the target is specified using a certain %40 syntax. This is fixed in 10.1.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
progress sitefinity 9.1 |