CVE-2024-8412 MEDIUM

CVE-2024-8412: LinuxOSsk Shakal-NG views.py redirect

Vendor Linuxossk
Product Shakal-NG
Weakness CWE-601 · Open redirect
Published September 4, 2024
Last update September 4, 2024

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A vulnerability, which was classified as problematic, was found in LinuxOSsk Shakal-NG up to 1.3.3. Affected is an unknown function of the file comments/views.py. The manipulation of the argument next leads to open redirect. It is possible to launch the attack remotely. The name of the patch is ebd1c2cba59cbac198bf2fd5a10565994d4f02cb. It is recommended to apply a patch to fix this issue.

Key dates

02Disclosure timeline

September 4, 2024 CVE published
September 4, 2024 Record updated