rpm package
almalinux/mod_auth_mellon
pkg:rpm/almalinux/mod_auth_mellon
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3639 | Med | 6.1 | < 0.14.0-12.el8.1 | 0.14.0-12.el8.1 | Aug 22, 2022 | A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server |
- affected < 0.14.0-12.el8.1fixed 0.14.0-12.el8.1
A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server