CVE-2018-1676109.09.2018, 21:29Eventum before 3.4.0 has an open redirect vulnerability.Open RedirectEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST6.1 MEDIUMNETWORKLOWNONECVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NmitreCNA------CVEADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 83%VendorProductVersioneventum_projecteventum𝑥< 3.4.0𝑥= Vulnerable software versionsCommon Weakness EnumerationCWE-601 - URL Redirection to Untrusted Site ('Open Redirect')A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.Referenceshttps://github.com/eventum/eventum/releases/tag/v3.4.0https://github.com/eventum/eventum/releases/tag/v3.4.0