CVE-2021-25655
4.4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Summary
A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 through 7.2.3 (without hotfix) and 8.0.0 (without hotfix).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Avaya | Avaya Experience Portal | 8.0 | affected |
| Avaya | Avaya Experience Portal | 7.2.3 < 7.0* | affected |
Weaknesses
- CWE-601: CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.