What the vulnerability does
Description
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bit Apps Bit Form bit-form allows Phishing. This issue affects Bit Form: from n/a through <= 2.18.0.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Explanation of Vulnerability in Simple Terms
Bit Form versions up to 2.18.0 contain an open redirect vulnerability. When a user clicks a malicious link, the form can redirect them to an attacker-controlled website. The attacker has no direct control over the site but can trick users into visiting external URLs through crafted form redirects. This could be used for phishing or credential theft.
What an attacker can do
Redirect users to a malicious website when they interact with a crafted form link.
Potential impact on your site
Users visiting your site via malicious links could be redirected to phishing pages or malware sites, damaging trust.
Conditions required to exploit
User must click a malicious link containing a crafted redirect parameter.
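Because exploitation depends on a link to your own site that carries an off-site URL in a parameter, access logs can be checked for such requests. The following is an added example, not code from the advisory or from Bit Form; the advisory does not name the parameter, so every query parameter is inspected, and the hostnames, parameter names and log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: the hostnames your site legitimately serves and redirects to.
SITE_HOSTS = {"shop.example", "www.shop.example"}

# Request target inside a combined-format access log line.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample lines; "ref" and "next" are hypothetical parameter names.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2025:10:00:00 +0000] "GET /contact/?ref=/thanks HTTP/1.1" 200 512',
    '203.0.113.8 - - [01/Jan/2025:10:00:05 +0000] "GET /contact/?next=https%3A%2F%2Flogin.attacker.example%2Fa HTTP/1.1" 302 0',
    '203.0.113.9 - - [01/Jan/2025:10:00:09 +0000] "GET /contact/?next=%2F%2Fattacker.example HTTP/1.1" 302 0',
    '203.0.113.9 - - [01/Jan/2025:10:00:12 +0000] "GET /contact/?next=https%3A%2F%2Fwww.shop.example%2Fthanks HTTP/1.1" 302 0',
]

def external_host(value):
    """Return the host a parameter value points to if it is off-site, else None."""
    v = value.strip().replace("\\", "/")  # browsers treat backslashes as slashes
    if v.startswith("//"):                 # scheme-relative URL
        v = "https:" + v
    try:
        parts = urlsplit(v)
    except ValueError:                     # unparsable value: not reported here
        return None
    if parts.scheme.lower() not in ("http", "https") or not parts.hostname:
        return None                        # relative path or non-web value
    host = parts.hostname.lower().rstrip(".")
    return None if host in SITE_HOSTS else host

def find_offsite_redirect_params(log_lines):
    """Return (line_no, param, host) for query parameters carrying an off-site URL."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        query = m.group(1).partition("?")[2]
        for name, value in parse_qsl(query, keep_blank_values=True):  # percent-decodes
            host = external_host(value)
            if host:
                hits.append((n, name, host))
    return hits

if __name__ == "__main__":
    for hit in find_offsite_redirect_params(SAMPLE_LOG):
        print(hit)
```

Hits are candidates for review rather than confirmed abuse, since legitimate integrations may also pass external URLs in parameters.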