CVE-2022-31193 – DSpace open source software is a repository application which provides durable access to d …

1 August 2022

Vuln ID: CVE-2022-31193

Published: 2022-08-01 21:15:13Z

Description: DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI controlled vocabulary servlet is vulnerable to an open redirect attack, where an attacker can craft a malicious URL that looks like a legitimate DSpace/repository URL. When that URL is clicked by the target, it redirects them to a site of the attacker’s choice. This issue has been patched in versions 5.11 and 6.4. Users are advised to upgrade. There are no known workaround for this vulnerability.

Source: NVD.NIST.GOV

Date:

1 August 2022

Categorie(s):

NVD

Tag(s):

NVD

Fraudsters abused Apple Stores’ third-party pickup policy to phish for profits19 April 2024
51% of enterprises experienced a breach despite large security stacks19 April 2024
Alert! Windows LPE Zero-day Exploit Advertised on Hacker Forums19 April 2024
New infosec products of the week: April 19, 202419 April 2024
From Hackers to Streakers – How Counterintelligence Teams are Protecting the NFL – Joe McMann – ESW #35819 April 2024