Vulnerability Details CVE-2015-8094
Open redirect vulnerability in Cloudera HUE before 3.10.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.2%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 5.8
References
- http://cloudera.github.io/hue/latest/release-notes/release-notes-3.10.0.html
- https://github.com/cloudera/hue/pull/346
- https://issues.cloudera.org/browse/HUE-3626
- https://www.harmfultrust.com/p/advisories.html
- http://cloudera.github.io/hue/latest/release-notes/release-notes-3.10.0.html
- https://github.com/cloudera/hue/pull/346
- https://issues.cloudera.org/browse/HUE-3626
- https://www.harmfultrust.com/p/advisories.html