Vulnerability Details CVE-2023-6380
Open redirect vulnerability has been found in the Open CMS product affecting versions 14 and 15 of the 'Mercury' template. An attacker could create a specially crafted URL and send it to a specific user to redirect them to a malicious site and compromise them. Exploitation of this vulnerability is possible due to the fact that there is no proper sanitization of the 'URI' parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.433
EPSS Ranking 97.4%
CVSS Severity
CVSS v3 Score 6.1
References