2023-12-13 10:54:35
INCIBE
PUBLISHED
Open redirect vulnerability has been found in the Open CMS product affecting versions 14 and 15 of the Mercury template. An attacker could create a specially crafted URL and send it to a specific user to redirect them to a malicious site and compromise them. Exploitation of this vulnerability is possible due to the fact that there is no proper sanitization of the URI parameter.