Lucene search
GoogleOSV:CVE-2018-15798HistoryDec 19, 2018 - 10:29 p.m.
CVE-2018-15798
2018-12-1922:29:00
Google
osv.dev
10
Pivotal Concourse Release, versions 4.x prior to 4.2.2, login flow allows redirects to untrusted websites. A remote unauthenticated attacker could convince a user to click on a link using the oAuth redirect link with an untrusted website and gain access to that user’s access token in Concourse.
References
Related
osv
osv
Pivotal Concourse Open Redirect in Login Flow
2022-02-15 01:57:18
CVE-2020-5409
2020-05-14 00:15:11
BIT-concourse-2020-5409
2024-03-06 10:51:15
cvelist
cvelist
CVE-2018-15798 Pivotal Concourse allows malicious redirect urls on login
2018-12-19 22:00:00
CVE-2020-5409 Concourse Open Redirect in the /sky/login endpoint
2020-05-13 23:15:17
prion
prion
Design/Logic Flaw
2018-12-19 22:29:00
Code injection
2020-05-14 00:15:00
github
github
Pivotal Concourse Open Redirect in Login Flow
2022-02-15 01:57:18
nvd
nvd
CVE-2018-15798
2018-12-19 22:29:00
CVE-2020-5409
2020-05-14 00:15:11
cve
cve
CVE-2018-15798
2018-12-19 22:29:00
CVE-2020-5409
2020-05-14 00:15:11