Labkey: >> Labkey Server >> 10.3 Security Vulnerabilities
An open redirect vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 via the /__r1/ returnURL parameter allows an unauthenticated remote attacker to redirect users to arbitrary web sites.
CVSS Score
6.1
EPSS Score
0.168
Published
2019-01-30
Command manipulation in LabKey Server Community Edition before 18.3.0-61806.763 allows an authenticated remote attacker to unmount any drive on the system leading to denial of service.
CVSS Score
4.9
EPSS Score
0.007
Published
2019-01-30