CVE-2024-39097

MEDIUM

SIR Gnuboard < 6.0.5 - Open Redirect

Title source: rule

There is an Open Redirect vulnerability in Gnuboard v6.0.4 and below via the `url` parameter in login path.

Core 4

Core References

Exploit, Issue Tracking, Vendor Advisory

Exploit, Third Party Advisory

Patch

Issue Tracking

CVSS v3 6.1

EPSS 0.0046

EPSS Percentile 64.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

CWE

CWE-601

Status published

Products (1)

sir/gnuboard < 6.0.5

Published Aug 26, 2024

Tracked Since Feb 18, 2026