CVE-2022-46407

MEDIUM Year: 2022
CVSS v3 Score
4.8
Medium
Weakness Type
CWE-601
View all →

Vulnerability Description

Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoint “editprofile” where Open Redirect HTTP Header Injection can lead to redirection of the submitted request to domain out of control of ENM deployment. The attacker would need admin/elevated access to exploit the vulnerability

Related Vulnerabilities

CVE-2017-16569

MEDIUM
CVSS:4.8(Medium)

An Open URL Redirect issue exists in Zurmo 3.2.1.57987acc3018 via an http: URL in the redirectUrl parameter to app/index.php/meetings/default/createMeeting.

CWE-6012017

CVE-2018-8813

MEDIUM
CVSS:4.8(Medium)

Open redirect vulnerability in the login[redirect] parameter login functionality in WolfCMS 0.8.3.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a ...

CWE-6012018

CVE-2021-34763

MEDIUM
CVSS:4.8(Medium)

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open red...

CWE-6012021

CVE-2023-34224

MEDIUM
CVSS:4.8(Medium)

In JetBrains TeamCity before 2023.05 open redirect during oAuth configuration was possible

CWE-6012023

CVE-2023-3568

MEDIUM
CVSS:4.8(Medium)

Open Redirect in GitHub repository alextselegidis/easyappointments prior to 1.5.0.

CWE-6012023

CVE-2023-4965

MEDIUM
CVSS:4.8(Medium)

A vulnerability was found in phpipam 1.5.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Header Handler. The manipulation of the argument X-F...

CWE-6012023