directmailteam/direct-mailis vulnerable to open redirection. The package does not sanitize jumpUrl
allowing an attacker to redirect users to a malicious site.
CPE | Name | Operator | Version |
---|---|---|---|
directmailteam/direct-mail | le | 5.2.3 | |
directmailteam/direct-mail | le | 5.2.3 |