Open Redirect Vulnerability in PRiSE adAS 1.7.0

Open Redirect Vulnerability in PRiSE adAS 1.7.0

CVE-2019-14912 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properly check the goto parameter, leading to an open redirect that leaks the session cookie.

Learn more about our Web Application Penetration Testing UK.