CVE-2024-55452
MEDIUM
UJCMS 9.6.3 - Authenticated Open Redirect via Block Item Upload
A URL redirection vulnerability exists in UJCMS 9.6.3 due to improper validation of URLs in the upload and rendering of new block / carousel items. This vulnerability allows authenticated attackers to redirect unprivileged users to an arbitrary, attacker-controlled webpage. When an authenticated user clicks on the malicious block item, they are redirected to an arbitrary, untrusted domain, where sensitive tokens, such as JSON Web Tokens, can be stolen via a crafted webpage.
References (2)
Exploit, Third Party Advisory
https://github.com/cydtseng/Vulnerability-Research/blob/main/ujcms/OpenRedirect-BlockItemUpload.md
Product
https://github.com/dromara/ujcms
Scores
CVSS v3
5.4
EPSS
0.0025
EPSS Percentile
16.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-601
Status
published
Products (1)
ujcms/ujcms
9.6.3
Published
Dec 16, 2024
Tracked Since
Feb 18, 2026