CVE-2024-8526
Nov. 21, 2024, 4:15 p.m.
Tags
Product(s) Impacted
Automated Logic WebCTRL
- 7.0
Description
A vulnerability in Automated Logic WebCTRL 7.0 could allow an attacker to send a maliciously crafted URL, which when visited by an authenticated WebCTRL user, could result in the redirection of the user to a malicious webpage via "index.jsp"
Weaknesses
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.
CWE ID: 601Date
Published: Nov. 21, 2024, 4:15 p.m.
Last Modified: Nov. 21, 2024, 4:15 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
productsecurity@carrier.com
References
https://www.cisa.gov/
productsecurity@carrier.com
https://www.corporate.carrier.com/
productsecurity@carrier.com