7.1 High
AI Score
Confidence
Low
0.024 Low
EPSS
Percentile
90.0%
The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872.
securityreason.com/securityalert/2217
www.securityfocus.com/archive/1/458464/100/0/threaded
www.securityfocus.com/archive/1/459264/100/0/threaded
www.securityfocus.com/bid/22295
www.vupen.com/english/advisories/2007/0407