6.1
CVE-2024-10812
- EPSS 0.57%
- Veröffentlicht 20.03.2025 10:09:24
- Zuletzt bearbeitet 14.07.2025 15:00:54
- Quelle security@huntr.dev
- CVE-Watchlists
- Unerledigt
LoginOpen Redirect in binary-husky/gpt_academic
An open redirect vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability occurs when a user is redirected to a URL specified by user-controlled input in the 'file' parameter without proper validation or sanitization. This can be exploited by attackers to conduct phishing attacks, distribute malware, and steal user credentials.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Binary-husky ≫ Gpt Academic Version3.83
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.57% | 0.426 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security@huntr.dev | 6.1 | 2.8 | 2.7 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
https://huntr.com/bounties/51408ebd-e0be-489d-8088-f210087dbd6a