First published: Fri Jul 05 2019(Updated: )
Open redirect vulnerability in GROWI v3.4.6 and earlier allows remote attackersto redirect users to arbitrary web sites and conduct phishing attacks via the process of login.
Credit: vultures@jpcert.or.jp
Affected Software | Affected Version | How to fix |
---|---|---|
WESEEK GROWI | <=3.4.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-5969 is an open redirect vulnerability in GROWI v3.4.6 and earlier versions that allows remote attackers to redirect users to arbitrary websites for phishing attacks during the login process.
CVE-2019-5969 has a severity of 6.1, classified as medium.
To fix CVE-2019-5969, users should update GROWI to a version beyond v3.4.6 to mitigate the open redirect vulnerability.