CVE-2024-21497
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Published Feb 17, 2024
Updated: Feb 20, 2024
CWE ID 601
Summary
CVE-2024-21497 is a vulnerability affecting all versions of the package github.com/greenpau/caddy-security. It permits Open Redirects through the 'redirect_url' parameter. An attacker can exploit this issue to perform phishing attacks and redirect unsuspecting users to malicious websites. The vulnerability can be triggered when a user clicks on a portal button or uses the browser’s back button.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share