CVE-2023-28020: URL redirection affects BigFix WebUI
First published: Tue Jul 18 2023(Updated: )
URL redirection in Login page in HCL BigFix WebUI allows malicious user to redirect the client browser to an external site via redirect URL response header.
Credit: psirt@hcl.com psirt@hcl.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hcltech Bigfix Webui |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-28020.
What is the severity of CVE-2023-28020?
The severity of CVE-2023-28020 is medium with a severity value of 6.1.
Which software is affected by CVE-2023-28020?
HCL BigFix WebUI is affected by CVE-2023-28020.
What is the impact of CVE-2023-28020?
CVE-2023-28020 allows a malicious user to redirect the client browser to an external site via redirect URL response header.
Is there a fix available for CVE-2023-28020?
It is recommended to apply the latest security patches provided by HCLTech to fix CVE-2023-28020.
- collector/nvd-latest
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/nvd-api
- agent/software-canonical-lookup-request
- agent/references
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/severity
- agent/tags
- agent/first-publish-date
- agent/event
- vendor/hcltech
- canonical/hcltech bigfix webui