CVE-2018-15683

An issue was discovered in BTITeam XBTIT. The "returnto" parameter of the login page is vulnerable to an open redirect due to a lack of validation. If a user is already logged in when accessing the page, they will be instantly redirected.
References
Link Resource
https://rastating.github.io/xbtit-multiple-vulnerabilities/ Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:btiteam:xbtit:*:*:*:*:*:*:*:*

Information

Published : 2018-09-05 09:29

Updated : 2018-11-06 04:02


NVD link : CVE-2018-15683

Mitre link : CVE-2018-15683

Products Affected
No products.
CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')