Advisory
Security Advisory – Open URL Redirect in Koozali SME Server
Product: Koozali SME Server Vendor: Koozali Foundation/Open Source Software Version: 8.x, 9.x, 10.x Category: Open URL Redirect Vendor Notified: 2017-01-11 Patched: 2017-01-23 Disclosed: 2017-02-02 Researcher(s): Carl Pearson CVE: CVE-2017-1000027 Summary An open URL redirect vulnerability exists in the user login function of Koozali SME Server. The server fails to validate Read more…