Security Advisory

CVE-2021-24288

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-05-17 16:48:52

Last updated 2024-08-03 19:28:23

Assigner WPScan

State PUBLISHED

Description

When subscribing using AcyMailing, the redirect parameter isnt properly sanitized. Turning the request from POST to GET, an attacker can craft a link containing a potentially malicious landing page and send it to the victim.

← Browse all CVEs View on cve.org ↗