CVE-2022-27463

MEDIUM

Wwbn Avideo < 11.6 - Open Redirect

Title source: rule

Description

Open redirect vulnerability in objects/login.json.php in WWBN AVideo through 11.6, allows attackers to arbitrarily redirect users from a crafted url to the login page.

References (2)

Core 2

Core References

Product x_refsource_misc

https://avideo.tube/

Patch, Third Party Advisory x_refsource_misc

https://github.com/WWBN/AVideo/commit/77e9aa6411ff4b97571eb82e587139ec05ff894c

View Patch ZIP pw:eip

Scores

CVSS v3 6.1

EPSS 0.0020

EPSS Percentile 41.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-601

Status published

Products (2)

wwbn/avideo < 11.6

wwbn/avideo 0Packagist

Published Apr 05, 2022

Tracked Since Feb 18, 2026