Medium severity6.1NVD Advisory· Published May 17, 2021· Updated Jun 17, 2026
CVE-2021-24288
CVE-2021-24288
Description
When subscribing using AcyMailing, the 'redirect' parameter isn't properly sanitized. Turning the request from POST to GET, an attacker can craft a link containing a potentially malicious landing page and send it to the victim.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- AcyMailing/Newsletter via SMTP, Sendinblue, Sendgrid, Mailgun - AcyMailing SMTP Newsletterv5Range: 7.5.0
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/56628862-1687-4862-9ed4-145d8dfbca97nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.