← Back to CVE List
CVE-2018-17422
dotCMS before 5.0.2 has open redirects via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt