forkcms

vulnerability open redirect
severity 6.5
language php
registry other

✍️ Description

The forkcms is vulnerable to Open Redirect through invalid characters in the URL path.

🕵️‍♂️ Proof of Concept

With an authenticated user, access: http://localhost/private/en/authentication?querystring=/%01/effectrenan.com

💥 Impact

This vulnerability allows attackers to fool victims to access fake URLs.