CVE-2024-24763

MEDIUM NUCLEI

JumpServer < 3.10.0 - Open Redirect

Title source: nuclei

Description

JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to version 3.10.0, attackers can exploit this vulnerability to construct malicious links, leading users to click on them, thereby facilitating phishing attacks or cross-site scripting attacks. Version 3.10.0 contains a patch for this issue. No known workarounds are available.

Nuclei Templates (1)

JumpServer < 3.10.0 - Open Redirect
MEDIUMby ritikchaddha
FOFA: title="JumpServer" || title="jumpserver"

References (2)

Scores

CVSS v3 4.3
EPSS 0.3068
EPSS Percentile 96.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Details

CWE
CWE-601
Status published
Products (1)
fit2cloud/jumpserver < 3.10.0
Published Feb 20, 2024
Tracked Since Feb 18, 2026