CVE-2022-33146

Published: Jun 27, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.

Vendor	Product	Versions
web2py	web2py	affected `versions prior to 2.22.5`

References

http://web2py.com/

x_refsource_MISC

https://github.com/web2py/web2py/commit/d9805606f88f00c0be56438247605cefde73e14e#diff-c1d01f37ee54d813815718760b9c4d7b274e2be7ad18f65552cd564336ab593bR110

x_refsource_MISC

https://github.com/web2py/web2py/commit/a181b855a43cb8b479d276b082cfcde385768451

x_refsource_MISC

https://jvn.jp/en/jp/JVN02158640/index.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-33146

Description

Affected Products

References