CVE-2020-23015
Description
An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered and can redirect user to any website.
NVD
Severity: MEDIUM
CVE ID: CVE-2020-23015
CVSS Score: 6.1
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Proof Of Concept
Nuclei Templates for CVE-2020-23015
Refrence: Project Discovery GitHub