CVE-2023-45203: Online Examination System v1.0 - Multiple Open Redirects
First published: Wed Nov 01 2023(Updated: )
Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the login.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.
Credit: help@fluidattacks.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Projectworlds Online Examination System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-45203.
What is the title of this vulnerability?
The title of this vulnerability is 'Online Examination System v1.0 - Multiple Open Redirects'.
What is the severity level of CVE-2023-45203?
The severity level of CVE-2023-45203 is medium with a score of 6.1.
What are the affected software versions?
The affected software version is Online Examination System v1.0.
How can an attacker exploit this vulnerability?
An attacker can exploit this vulnerability by manipulating the 'q' parameter of the login.php resource to redirect a victim user to an arbitrary website.
- collector/nvd-api
- agent/type
- agent/title
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/event
- agent/description
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/projectworlds
- canonical/projectworlds online examination system
- version/projectworlds online examination system/1.0