CVE-2023-48003
MEDIUM WAF: Medium
CVSS 6.1
Published: 2023-12-26
CWE-601
An open redirect through HTML injection in user messages in Asp.Net Zero before 12.3.0 allows remote attackers to redirect targeted victims to any URL via the '
WAF Coverage Analysis
Open Redirect
Medium WAF Coverage
OWASP: A01:2021 Broken Access Control
941xxx - XSS / XXE
Affected Software
| Vendor | Product | Version |
|---|---|---|
| aspnetzero | asp.net_zero | up to 12.3.0 |
References
- docs.unsafe-inline.com (Exploit, Third Party Advisory)
- github.com (Exploit, Third Party Advisory)