CVE-2018-17422

Publication date

2019-03-07 22:00:00

Family

mitre

State

PUBLISHED

Description

dotCMS before 5.0.2 has open redirects via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter.