Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-46750

Published: 14/12/2023 Updated: 18/12/2023
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Shiro

Vulnerability Summary

Description<!---->An "Open-Redirect" flaw was found in the Apache Shiro project. This issue may allow remote malicious users to redirect legitimate users to arbitrary web sites containing malware that can compromise the user's machine and conduct phishing attacks to steal the user's credentials.An "Open-Redirect" flaw was found in the Apache Shiro project. This issue may allow remote malicious users to redirect legitimate users to arbitrary web sites containing malware that can compromise the user's machine and conduct phishing attacks to steal the user's credentials.

Vulnerable Product Search on Vulmon Subscribe to Product

apache shiro 2.0.0

apache shiro

Vendor Advisories

Debian CVElist Bug Report Logs: shiro: CVE-2023-46750
Debian Bug report logs - #1059288 shiro: CVE-2023-46750 Package: src:shiro; Maintainer for src:shiro is Debian Java Maintainers &lt;pkg-java-maintainers@listsaliothdebianorg&gt;; Reported by: Moritz Mühlenhoff &lt;jmm@inutilorg&gt; Date: Fri, 22 Dec 2023 12:21:08 UTC Severity: important Tags: security, upstream Reply ...
Red Hat:
Description<!---->An "Open-Redirect" flaw was found in the Apache Shiro project This issue may allow remote attackers to redirect legitimate users to arbitrary web sites containing malware that can compromise the user's machine and conduct phishing attacks to steal the user's credentialsAn "Open-Redirect" flaw was found in the Apache Shiro projec ...

Mailing Lists

Full Disclosure: CVE-2023-46750: Apache Shiro: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Shiro.
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> CVE-2023-46750: Apache Shiro: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature ...

References

CWE-601https://lists.apache.org/thread/hoc9zdyzmmrfj1zhctsvvtx844tcq6w9https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059288https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2023-46750
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook