CVE-2022-26954

EUVD-2022-31498
Multiple open redirect vulnerabilities in NopCommerce 4.10 through 4.50.1 allow remote attackers to conduct phishing attacks by redirecting users to attacker-controlled web sites via the returnUrl parameter, processed by the (1) ChangePassword function, (2) SignInCustomerAsync function, (3) SuccessfulAuthentication method, or (4) NopRedirectResultExecutor class.
Open Redirect
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.1 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CISA-ADPADP
6.1 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
Affected Products (NVD)
VendorProductVersion
nopcommercenopcommerce
4.10 ≤
𝑥
< 4.50.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://gist.github.com/adeadfed/baea45138b7eb29e09f6505d56b56413
https://github.com/nopSolutions/nopCommerce/releases
https://gist.github.com/adeadfed/baea45138b7eb29e09f6505d56b56413
https://github.com/nopSolutions/nopCommerce/releases