Security Advisory

CVE-2019-13038

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-06-29 00:00:00

Last updated 2024-08-04 23:41:10

Assigner mitre

State PUBLISHED

Description

mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL.

← Browse all CVEs View on cve.org ↗