CVE-2015-7823 : Open redirect vulnerability in CMSPages/GetDocLink.ashx in Kentico CMS 8.2 throu

Open redirect vulnerability in CMSPages/GetDocLink.ashx in Kentico CMS 8.2 through 8.2.41 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the link parameter.

Published 2015-10-21 15:59:03

Updated 2025-04-12 10:46:41

Source MITRE

View at NVD, CVE.org

Vulnerability category: Open redirect

Products affected by CVE-2015-7823

Kentico » Kentico Cms » Version: 8.2
cpe:2.3:a:kentico:kentico_cms:8.2:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2015-7823

EPSS FAQ

27.50%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 96 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-7823

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:N	8.6	4.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None

References for CVE-2015-7823

http://packetstormsecurity.com/files/133981/Kentico-CMS-8.2-Cross-Site-Scripting-Open-Redirect.html

Kentico CMS 8.2 Cross Site Scripting / Open Redirect ≈ Packet Storm
Exploit

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2015-7823

Products affected by CVE-2015-7823

Exploit prediction scoring system (EPSS) score for CVE-2015-7823

CVSS scores for CVE-2015-7823

References for CVE-2015-7823