CVE-2017-1000027

MEDIUM

Koozali Foundation SME Server <10 - Open Redirect

Title source: llm

Description

Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable to an open URL redirect vulnerability in the user web login function resulting in unauthorized account access.

References (2)

Scores

CVSS v3 6.1
EPSS 0.0214
EPSS Percentile 84.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-601
Status published
Products (5)
koozali/sme_server
koozali/sme_server
koozali/sme_server
koozali/sme_server
n/a/n/a
Published Jul 17, 2017
Tracked Since Feb 18, 2026