Issues » Client Side URL Redirection

Issue: SI-46
Date: Jan 10, 2019, 4:00:00 AM
Severity: Medium
Requires Admin Access: No
Fix Version: TBD
Credit: Johannes Moritz - RIPS TECHNOLOGIES GMBH

A URL of the attacker's choice can be passed as a parameter to a specific dotCMS endpoint. This endpoint responds with a 302 redirect, which causes the browser to load the URL that was passed into dotCMS. This could be used as part of a phishing attack or to redirect a user to an infection page.

To exploit this vulnerability, the user must be logged into the backend of dotCMS.
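The mitigation for an open redirect of this kind is to validate the supplied target before it reaches the Location header and to fall back to a fixed destination when it does not stay on the application's own host. The following is an added example written for this advisory; it is not dotCMS code and does not name the affected endpoint or parameter. It is in Python rather than Java so the checks can be exercised directly; the host name `cms.example.com` and the function names are constructed for the example. It normalizes the input the way a browser would (dropping tab/CR/LF, treating backslash as slash, collapsing extra slashes before an authority) so that the validator and the browser agree on which host the URL refers to.

```python
"""Validate a user-supplied redirect target before issuing a 302.

Added example, not dotCMS code. APP_HOST and the function names are
constructed for illustration.
"""
import re
from urllib.parse import urljoin, urlsplit

# Constructed for this example: the host the application is served on.
APP_HOST = "cms.example.com"

# "scheme:" (optional) followed by two or more slashes.
_SLASH_RUN = re.compile(r"^([a-zA-Z][a-zA-Z0-9+.-]*:)?/{2,}")


def _normalize(target: str) -> str:
    """Apply the same leniencies a browser applies before parsing.

    Browsers drop tab/CR/LF, treat backslash like a forward slash and ignore
    extra slashes in front of an authority, so "/\\evil.example" and
    "///evil.example" both resolve to host evil.example. Normalizing first
    keeps urlsplit and the browser in agreement about the host.
    """
    cleaned = "".join(ch for ch in target if ch not in "\t\r\n").strip()
    cleaned = cleaned.replace("\\", "/")
    # Collapse "///..." or "https:///..." to exactly two slashes.
    return _SLASH_RUN.sub(r"\g<1>//", cleaned)


def is_safe_redirect(target: str, app_host: str = APP_HOST) -> bool:
    """True only if target resolves to http(s) on app_host."""
    if not target:
        return False
    absolute = urljoin(f"https://{app_host}/", _normalize(target))
    parts = urlsplit(absolute)
    if parts.scheme not in ("http", "https"):
        return False  # javascript:, data:, custom schemes
    # .hostname strips userinfo and port and lower-cases the host, so
    # "https://cms.example.com@evil.example" is compared on evil.example.
    return (parts.hostname or "") == app_host.lower()


def resolve_redirect(target: str, app_host: str = APP_HOST, default: str = "/") -> str:
    """Return a path-only Location value, or `default` if target is off-host.

    Re-emitting only path and query means the Location header can never
    name another host, even if a parsing corner case were missed above.
    """
    if not is_safe_redirect(target, app_host):
        return default
    parts = urlsplit(urljoin(f"https://{app_host}/", _normalize(target)))
    location = parts.path or "/"
    if parts.query:
        location += "?" + parts.query
    return location


if __name__ == "__main__":
    # Constructed sample inputs: one legitimate target and several shapes a
    # validator that only checks the first character would mishandle.
    samples = [
        "/dashboard?tab=1",
        "//evil.example/phish",
        "/\\evil.example",
        "https:///evil.example",
        "https://cms.example.com@evil.example/",
        "javascript:alert(1)",
    ]
    for sample in samples:
        print(f"{sample!r:45} -> {resolve_redirect(sample)!r}")
```

In a servlet this replaces a bare `response.sendRedirect(param)` with `response.sendRedirect(resolve_redirect(param))`-style logic: the redirect still works for in-application paths, and any off-host or non-http(s) target is replaced by the default landing page. Comparing the parsed hostname (not a string prefix) is what defeats the userinfo and protocol-relative variants; the slash collapsing covers the cases where Python's parser is stricter than a browser.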

Status of this issue can be tracked here:


Application firewall