Vulnerability Details CVE-2023-49394
Zentao versions 4.1.3 and before has a URL redirect vulnerability, which prevents the system from functioning properly.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.2%
CVSS Severity
CVSS v3 Score 6.1
References
- https://gist.github.com/xue-yao-go/87d088fa3f423bba8098ef22988e4626
- https://narrow-payment-2cd.notion.site/zentao-4-1-3-is-vulnerable-URL-redirect-b03f8f9f5b4e4cbea819c2961c097d92?pvs=4
- https://gist.github.com/xue-yao-go/87d088fa3f423bba8098ef22988e4626
- https://narrow-payment-2cd.notion.site/zentao-4-1-3-is-vulnerable-URL-redirect-b03f8f9f5b4e4cbea819c2961c097d92?pvs=4
Products affected by CVE-2023-49394
-
cpe:2.3:a:easycorp:zentao:-
-
cpe:2.3:a:easycorp:zentao:0.3.0
-
cpe:2.3:a:easycorp:zentao:0.4.0
-
cpe:2.3:a:easycorp:zentao:0.5.0
-
cpe:2.3:a:easycorp:zentao:0.6.0
-
cpe:2.3:a:easycorp:zentao:1.0.0
-
cpe:2.3:a:easycorp:zentao:1.0.1
-
cpe:2.3:a:easycorp:zentao:1.1
-
cpe:2.3:a:easycorp:zentao:1.2
-
cpe:2.3:a:easycorp:zentao:1.3
-
cpe:2.3:a:easycorp:zentao:1.4
-
cpe:2.3:a:easycorp:zentao:1.5
-
cpe:2.3:a:easycorp:zentao:2.0
-
cpe:2.3:a:easycorp:zentao:2.0.1
-
cpe:2.3:a:easycorp:zentao:2.1
-
cpe:2.3:a:easycorp:zentao:2.2
-
cpe:2.3:a:easycorp:zentao:2.3
-
cpe:2.3:a:easycorp:zentao:2.4
-
cpe:2.3:a:easycorp:zentao:3.0
-
cpe:2.3:a:easycorp:zentao:3.1
-
cpe:2.3:a:easycorp:zentao:3.2
-
cpe:2.3:a:easycorp:zentao:3.21
-
cpe:2.3:a:easycorp:zentao:3.3
-
cpe:2.3:a:easycorp:zentao:3.31
-
cpe:2.3:a:easycorp:zentao:4.0
-
cpe:2.3:a:easycorp:zentao:4.0.1
-
cpe:2.3:a:easycorp:zentao:4.1
-
cpe:2.3:a:easycorp:zentao:4.1.3