CVE-2021-20875

Severity CVSS v4.0:
Pending analysis
Type:
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
Publication date:
24/12/2021
Last modified:
10/01/2022

Description

Open redirect vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks by having a user to access a specially crafted URL.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:groupsession:groupsession:*:*:*:*:cloud:*:*:* 5.1.1 (including)
cpe:2.3:a:groupsession:groupsession:*:*:*:*:free:*:*:* 5.1.1 (including)
cpe:2.3:a:groupsession:groupsession:*:*:*:*:zion:*:*:* 5.1.1 (including)