CVE-2021-24288

CVE-2021-24288

When subscribing using AcyMailing, the ‘redirect’ parameter isn’t properly sanitized. Turning the request from POST to GET, an attacker can craft a link containing a potentially malicious landing page and send it to the victim.

Source: CVE-2021-24288

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다