Published: 27/06/2022 Updated: 07/07/2022

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Open redirect vulnerability in web2py versions before 2.22.5 allows a remote malicious user to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.

Vulnerable Product	Search on Vulmon	Subscribe to Product
web2py web2py

PoC for CVE-2023-22432 (web2py)

CVE-2023-22432 PoC verification of web2py vulnerability (CVE-2023-22432) A vulnerability (CVE-2023-22432) in web2py was disclosed on Jan 31, 2023 (US time) This article describes our discussion of this vulnerability and the results of our verification Vulnerability Summary This vulnerability is an open redirect vulnerability in web2py that allows an arbitrary URL to be specif

CWE-601 https://github.com/web2py/web2py/commit/d9805606f88f00c0be56438247605cefde73e14e#diff-c1d01f37ee54d813815718760b9c4d7b274e2be7ad18f65552cd564336ab593bR110 https://github.com/web2py/web2py/commit/a181b855a43cb8b479d276b082cfcde385768451 https://jvn.jp/en/jp/JVN02158640/index.html http://web2py.com/https://nvd.nist.gov https://github.com/aeyesec/CVE-2023-22432

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-33146

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect