How severe is CVE-2024-53995?

This vulnerability has a severity rating of LOW with a CVSS score of N/A out of 10.

What type of vulnerability is CVE-2024-53995?

This is classified as CWE-601, which is a common weakness in software security.

CVE-2024-53995

LOW Year: 2024

Weakness Type

CWE-601

View all →

Vulnerability Description

SickChill is an automatic video library manager for TV shows. A user-controlled `login` endpoint's `next_` parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82, an authenticated attacker may use this to redirect the user to arbitrary destinations, leading to open redirect. Commit c7128a8946c3701df95c285810eb75b2de18bf82 changes the login page to redirect to `settings.DEFAULT_PAGE` instead of to the `next` parameter.

CVE-2022-31657

CRITICAL

CVSS:9.8(Critical)

VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain.

CWE-6012022

CVE-2024-22891

CRITICAL

CVSS:9.8(Critical)

Nteract v.0.28.0 was discovered to contain a remote code execution (RCE) vulnerability via the Markdown link.

CWE-6012024

CVE-2022-40083

CRITICAL

CVSS:9.6(Critical)

Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery ...

CWE-6012022

CVE-2022-41559

CRITICAL

CVSS:9.3(Critical)

The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to exploit an open redirect on t...

CWE-6012022