CVE-2023-28874

Severity CVSS v4.0:
Pending analysis
Type:
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
Publication date:
09/12/2023
Last modified:
12/12/2023

Description

The next parameter in the /accounts/login endpoint of Seafile 9.0.6 allows attackers to redirect users to arbitrary sites.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:seafile:seafile:9.0.6:*:*:*:*:*:*:*