Open Redirect in https://github.com/revive-adserver/revive-adserver
CVE-2020-8143
An Open Redirect vulnerability was discovered in Revive Adserver version < 5.0.5 and reported by HackerOne user hoangn144. A remote attacker could trick logged-in users into opening a specifically crafted link and have them redirected to any de…
Vulnerability class: Open Redirect
EPSS: 0.704 (99.3rd percentile)
Affected products
- https://github.com/revive-adserver/revive-adserver (vendor: n/a), fixed in versions >= 5.0.5
Weakness classification (CWE)
Public proof-of-concept exploits
References
- hackerone.com/reports/794144 (x_refsource_MISC)
- www.revive-adserver.com/security/revive-sa-2020-002/ (x_refsource_MISC)
Frequently asked questions
- What is CVE-2020-8143?
  CVE-2020-8143 is a vulnerability in https://github.com/revive-adserver/revive-adserver, classified under URL Redirection to Untrusted Site (Open Redirect). Published 2020-04-03.
- Is CVE-2020-8143 known to be exploited?
  2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.