CVE-2017-1000027

medium

Description

Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable to an open URL redirect vulnerability in the user web login function resulting in unauthorized account access.

References

https://forums.contribs.org/index.php/topic%2C52838.0.html

https://cp270.wordpress.com/2017/02/02/security-advisory-open-url-redirect-in-sme-server/

Details

Source: Mitre, NVD

Published: 2017-07-17

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 5.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.0214