CVE-2024-21497

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Feb 17, 2024
Updated: Feb 20, 2024
CWE ID 601

Summary

CVE-2024-21497 is a vulnerability affecting all versions of the package github.com/greenpau/caddy-security. It permits Open Redirects through the 'redirect_url' parameter. An attacker can exploit this issue to perform phishing attacks and redirect unsuspecting users to malicious websites. The vulnerability can be triggered when a user clicks on a portal button or uses the browser’s back button.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share