CVE-2015-9058

MEDIUM

Proxmox Mail Gateway < 4.0-4\/b38fc5d9 - Open Redirect

Title source: rule

Description

Open redirect vulnerability in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter.

References (1)

[Exploit, Third Party Advisory] https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-024/?fid=7431

Scores

CVSS v3 6.1

EPSS 0.0022

EPSS Percentile 43.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Classification

CWE

CWE-601

Status published

Affected Products (2)

proxmox/proxmox_mail_gateway < 4.0-4\/b38fc5d9

n/a/n/a

Timeline

Published May 03, 2017

Tracked Since Feb 18, 2026