CVE-2023-27292
Published 2023-02-28
CVE-2023-27292: An open redirect vulnerability exposes OpenCATS to template injection due to improper validation of user-supplied GET parameters.
Priority: P4 27 | medium | 5.4 (CVSS 3.1)
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EXPLOIT
EPSS: 1.03% (59.3th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opencats | opencats | — | — |
No detection rules found.
Nuclei
OpenCATS - Open Redirect
nuclei·CVSS 5.4
CVE-2023-27292 [MEDIUM] OpenCATS - Open Redirect
OpenCATS contains an open redirect vulnerability due to improper validation of user-supplied GET parameters. This, in turn, exposes OpenCATS to possible template injection and obtaining sensitive information, modifying data, and/or executing unauthorized operations.
Template:
```yaml
id: CVE-2023-27292

info:
  name: OpenCATS - Open Redirect
  author: r3Y3r53
  severity: medium
  description: |
    OpenCATS contains an open redirect vulnerability due to improper validation of user-supplied GET parameters. This, in turn, exposes OpenCATS to possible template injection and obtaining sensitive information, modifying data, and/or executing unauthorized operations.
  impact: |
    An attacker can redirect users to malicious websites, leading to phishing attacks or the download of malware.
  rem
```
No writeups or analysis indexed.