CVE-2020-24551
6.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
IProom MMC+ Server login page does not validate specific parameters properly. Attackers can use the vulnerability to redirect to any malicious site and steal the victim's login credentials.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IProom | MMC+ Server | 0 <= 3.2.2 | affected |
Weaknesses
- CWE-601: CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.