CVE-2023-50297:

0.0 CVSS

Description

Open redirect vulnerability in PowerCMS (6 Series, 5 Series, and 4 Series) allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. Note that all versions of PowerCMS 3 Series and earlier which are unsupported (End-of-Life, EOL) are also affected by this vulnerability.

Classification

CVE ID: CVE-2023-50297

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: Alfasado Inc.

Product: PowerCMS (PowerCMS 6 Series)

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.07% (probability of being exploited)

EPSS Percentile: 33.57% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://www.powercms.jp/news/release-powercms-202312.html
https://jvn.jp/en/jp/JVN32646742/

Timeline

2024-11-28 00:11:42 UTC
CVE