|Requires Admin Access:||No|
|Credit:||Johannes Moritz - RIPS TECHNOLOGIES GMBH|
A URL of the attacker's choice can be passed as a parameter to a specific dotCMS endpoint. This endpoint responds with a 302 redirect, which causes the browser to load the URL that was passed into dotCMS. This could be used as part of a phishing attack or to redirect the user to an infection page. - https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004)
To exploit this vulnerability, the user must be logged into the backend of dotCMS.
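As an added illustration of the fix a defender would want for this class of issue (example code, not dotCMS's own), the following Java check rejects any redirect target that is not same-site before it is written to a 302 Location header; the hostname `cms.example.org` is an assumed deployment value:

```java
import java.net.URI;
import java.net.URISyntaxException;

/**
 * Validates a redirect target taken from a request parameter before it is
 * placed in a 302 Location header. Only same-site targets are accepted:
 * an absolute path on this application, or an absolute http(s) URL whose
 * host is the application's own host (OWN_HOST is an assumed value).
 */
public final class RedirectTargetValidator {

    private static final String OWN_HOST = "cms.example.org"; // assumed hostname

    private RedirectTargetValidator() {}

    public static boolean isSafeRedirect(String target) {
        if (target == null || target.isEmpty()) {
            return false;
        }
        // Reject control characters and backslashes: browsers treat "/\evil.com"
        // like "//evil.com", and CR/LF could split the Location header.
        for (char c : target.toCharArray()) {
            if (c < 0x20 || c == 0x7F || c == '\\') {
                return false;
            }
        }
        URI uri;
        try {
            uri = new URI(target);
        } catch (URISyntaxException e) {
            return false; // unparsable input is never a valid target
        }
        if (uri.getScheme() == null && uri.getAuthority() == null) {
            // Relative reference: must be an absolute path such as "/dotAdmin/",
            // never a scheme-relative "//evil.com" (that has an authority) and
            // never a bare relative path whose resolution depends on context.
            return target.startsWith("/") && !target.startsWith("//");
        }
        // Absolute URL (or "//host" form): only http(s), only our own host,
        // and no userinfo such as "https://cms.example.org@evil.com/".
        String scheme = uri.getScheme();
        if (scheme == null
                || !(scheme.equalsIgnoreCase("http") || scheme.equalsIgnoreCase("https"))) {
            return false;
        }
        String host = uri.getHost();
        return host != null && host.equalsIgnoreCase(OWN_HOST) && uri.getRawUserInfo() == null;
    }
}
```

With this check, `/dotAdmin/` and `https://cms.example.org/page` are accepted, while `//evil.com`, `https://evil.com/`, `javascript:alert(1)` and `https://cms.example.org@evil.com/` are rejected and the endpoint should fall back to a fixed default location.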
Status of this issue can be tracked here: https://github.com/dotCMS/core/issues/15810