PT-2026-20646 · Busy · Busy
Zast.Ai
·
Publicado
2026-02-19
·
Atualizado
2026-02-19
·
CVE-2026-2709
CVSS v2.0
4.0
Média
| Vetor | AV:N/AC:L/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
busy versions 2.5.5 and earlier
Description
A flaw exists in busy that could allow for open redirect attacks. The issue is located within an unknown function in the file
source-code/busy-master/src/server/app.js of the Callback Handler component. Manipulation of the state argument can trigger the flaw. The attack can be launched remotely. The project has been informed of the issue but has not yet responded.Recommendations
Update to a version newer than 2.5.5.
Exploit
Correção
Open Redirect
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Busy