CVE-2017-5615

Severity CVSS v4.0:
Pending analysis
Type:
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
Publication date:
03/03/2017
Last modified:
20/04/2025

Description

cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the redirect location.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:cpanel:cgiecho:-:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cgiemail:-:*:*:*:*:*:*:*