Open Redirect Vulnerability in OPNsense Login Page

Open Redirect Vulnerability in OPNsense Login Page

CVE-2020-23015 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered and can redirect user to any website.

Learn more about our Web App Pen Testing.