Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Bitrix open redirect - Vulnerability Database

Bitrix open redirect

Description

Invicti has detected that the web application is based on Bitrix. This version of Bitrix has an open redirect vulnerability.

Open redirection is sometimes used as a part of phishing attacks that confuse visitors about which web site they are visiting.

Remediation

Upgrade to the latest version of Bitrix

References

Unvalidated Redirects and Forwards Cheat Sheet

Related Vulnerabilities

Open Redirection Medium
Common tags: URL Redirection
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Open Redirect (2.0.5) High
Common tags: URL Redirection
WordPress Plugin The Events Calendar Open Redirect (4.1.1) High
Common tags: URL Redirection
WordPress Plugin moreAds SE Open Redirect (1.4.8) High
Common tags: URL Redirection
WordPress Plugin Translate WordPress with GTranslate Open Redirect (2.8.10) High
Common tags: URL Redirection

Severity

Medium

Classification

CWE-601
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

URL Redirection