Improper input validation in Redhat Openshift

CVE-2012-5647

Open redirect vulnerability in node-util/www/html/restorer.php in Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the PATH_INFO.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.005 (65.2th percentile) — read the EPSS interpretation.

Affected products

Redhat Openshift — versions 1.0
Redhat Openshift_origin
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

secalert@redhat.com (x_refsource_CONFIRM)
89430 (x_refsource_OSVDB, vdb-entry)
RHSA-2013:0148 (x_refsource_REDHAT, vendor-advisory)
secalert@redhat.com (x_refsource_CONFIRM, Exploit, Patch)
secalert@redhat.com (x_refsource_MISC)
57189 (vdb-entry, x_refsource_BID)