CVE-2019-3912

EPSS 4.8%CWE-601

An open redirect vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 via the /__r1/ returnURL parameter allows an unauthenticated remote attacker to redirect users to arbitrary web sites.

Affected products

Tenable · LabKey Server Community Edition

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.tenable.com/security/research/tra-2019-03