Piwigo URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2017-9464 - Vulnerability Database

Piwigo URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2017-9464

Medium

Reference: CVE-2017-9464

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-9464

Title: Piwigo URL Redirection to Untrusted Site (Open Redirect) Vulnerability

Overview:

An open redirect vulnerability is present in Piwigo 2.9 and probably prior versions allowing remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. The identification.php component is affected by this issue: the quotredirectquot parameter is not validated.