Vulnerability Details: CVE-2020-36627
A vulnerability classified as problematic was found in Macaron i18n. It affects an unknown functionality of the file i18n.go. The manipulation leads to an open redirect. The attack can be launched remotely. Upgrading to version 0.5.0 addresses this issue. The patch is commit 329b0c4844cc16a5a253c011b55180598e707735. Upgrading the affected component is recommended. The identifier VDB-216745 was assigned to this vulnerability.
Vulnerability category: Open redirect
Products affected by CVE-2020-36627
- cpe:2.3:a:go-macaron:i18n:*:*:*:*:*:macaron:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-36627
- 0.07%: probability of exploitation activity in the next 30 days
- ~18%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-36627
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.5 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L | 2.1 | 3.4 | VulDB | |
5.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L | 2.1 | 3.4 | VulDB | 2024-02-29 |
6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 | NIST | |
CWE ids for CVE-2020-36627
- The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. Assigned by: cna@vuldb.com (Primary)
References for CVE-2020-36627
- https://github.com/go-macaron/i18n/commit/329b0c4844cc16a5a253c011b55180598e707735
  security: fix Open Redirection vulnerability · go-macaron/i18n@329b0c4 · GitHub (Patch; Third Party Advisory)
- https://vuldb.com/?id.216745
  Login required (Third Party Advisory)
- https://github.com/go-macaron/i18n/releases/tag/v0.5.0
  Release v0.5.0 · go-macaron/i18n · GitHub (Release Notes; Third Party Advisory)