Security Advisory

CVE-2021-3639

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-08-22 14:49:03

Last updated 2024-08-03 17:01:07

Assigner redhat

State PUBLISHED

Description

A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threat from this liability is to confidentiality and integrity.

← Browse all CVEs View on cve.org ↗