CVE-2019-3912

Summary

An open redirect vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 via the /__r1/ returnURL parameter allows an unauthenticated remote attacker to redirect users to arbitrary web sites.

Affected Software

VendorProductVersion RangeStatus
TenableLabKey Server Community EditionVersions before 18.3.0-61806.763affected

Weaknesses

  • CWE-601: CWE-601 Open Redirect

ADP Enrichment

CVE Program Container

Additional References

References