Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 06/09/2019 Updated: 23/07/2020

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 517

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

An issue exists in Alfresco Community Edition versions below 5.2.6, 6.0.N and 6.1.N. The Alfresco Share application is vulnerable to an Open Redirect attack via a crafted POST request. By manipulating the POST parameters, an attacker can redirect a victim to a malicious website over any protocol the attacker desires (e.g.,http, https, ftp, smb, etc.).

Vulnerable Product	Search on Vulmon	Subscribe to Product
alfresco alfresco 6.0
alfresco alfresco
alfresco alfresco 6.1

CWE-601 https://community.alfresco.com/content?filterID=all~objecttype~thread%5Bquestions%5D https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-14223-Open%20Redirect%20in%20Alfresco%20Share-Alfresco%20Community https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-14223

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect