CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-3898

Multiple open redirect vulnerabilities in Bonita BPM Portal before 6.5.3 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the redirectUrl parameter to (1) bonita/login.jsp or (2) bonita/loginservice.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.022

EPSS Ranking 83.7%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 5.8

References

Products affected by CVE-2015-3898

Bonitasoft » Bonita Bpm Portal » Version: 5.10

cpe:2.3:a:bonitasoft:bonita_bpm_portal:5.10
Bonitasoft » Bonita Bpm Portal » Version: 5.10.2

cpe:2.3:a:bonitasoft:bonita_bpm_portal:5.10.2
Bonitasoft » Bonita Bpm Portal » Version: 5.6

cpe:2.3:a:bonitasoft:bonita_bpm_portal:5.6
Bonitasoft » Bonita Bpm Portal » Version: 5.7

cpe:2.3:a:bonitasoft:bonita_bpm_portal:5.7
Bonitasoft » Bonita Bpm Portal » Version: 5.8

cpe:2.3:a:bonitasoft:bonita_bpm_portal:5.8
Bonitasoft » Bonita Bpm Portal » Version: 5.9

cpe:2.3:a:bonitasoft:bonita_bpm_portal:5.9
Bonitasoft » Bonita Bpm Portal » Version: 6.0

cpe:2.3:a:bonitasoft:bonita_bpm_portal:6.0
Bonitasoft » Bonita Bpm Portal » Version: 6.1

cpe:2.3:a:bonitasoft:bonita_bpm_portal:6.1
Bonitasoft » Bonita Bpm Portal » Version: 6.2

cpe:2.3:a:bonitasoft:bonita_bpm_portal:6.2
Bonitasoft » Bonita Bpm Portal » Version: 6.3

cpe:2.3:a:bonitasoft:bonita_bpm_portal:6.3
Bonitasoft » Bonita Bpm Portal » Version: 6.4

cpe:2.3:a:bonitasoft:bonita_bpm_portal:6.4
Bonitasoft » Bonita Bpm Portal » Version: 6.5

cpe:2.3:a:bonitasoft:bonita_bpm_portal:6.5
Bonitasoft » Bonita Bpm Portal » Version: 6.5.2

cpe:2.3:a:bonitasoft:bonita_bpm_portal:6.5.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-3898

Products

Pricing

Contact Us