Published:
2019/02/06
Last Updated:
2019/02/06
Information from OGIS-RI Co.,Ltd.
Vulnerability ID:JVN#43193964
Title:OpenAM (Open Source Edition) vulnerable to open redirect
Status:Vulnerable
This is a statement from the vendor itself with no modification by JPCERT/CC.
The contents of the vulnerability are as follows.
In ThemiStruct-WAM version 5.0.0 to 5.1.1,
When a specially crafted request is sent to the OAuth 2 endpoint,
An open redirect vulnerability could lead you to a malicious site.
We provide information on this issue at the following URL
https://www.cs.themistruct.com/