CVE-2018-17422

Published March 7th, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

5.8

MEDIUM

Affected

PROJECT

Description

dotCMS before 5.0.2 has open redirects via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter.

dotCMS/core

The Visual Headless Content Management System for Enterprises

GitHub

947