PT-2023-10349 · Unknown · Arno0X Twofactorauth

Arno0X · Published 2023-03-25 · Updated 2024-05-17 · CVE-2016-15030

CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Arno0x TwoFactorAuth (affected versions not specified)

Description: A vulnerability classified as problematic has been found in Arno0x TwoFactorAuth, affecting an unknown part of the file login/login.php. Manipulation of the from argument leads to an open redirect. The attack can be initiated remotely.

Recommendations: To fix this issue, apply the patch named 8549ad3cf197095f783643e41333586d6a4d0e54. As a temporary workaround, consider restricting access to the vulnerable file login/login.php until the patch is applied. Avoid using the from argument in the affected API endpoint until the issue is resolved.
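
An added example, not code from TwoFactorAuth or from the patch named above: one way to constrain a post-login return target such as the from argument to same-site paths before it is used in a redirect. The function name safe_return_path, the default target and the sample values are hypothetical.

```php
<?php
// Added example: hypothetical helper, not the project's code or its patch.
// Returns $from only if it is a same-site absolute path, else $default.
function safe_return_path(?string $from, string $default = '/'): string
{
    if ($from === null || $from === '') {
        return $default;
    }
    // Control characters enable header injection and URL-normalisation tricks.
    if (preg_match('/[\x00-\x1F\x7F]/', $from)) {
        return $default;
    }
    // Some browsers treat a backslash as a slash, so "/\host" acts like "//host".
    if (strpos($from, '\\') !== false) {
        return $default;
    }
    // Require exactly one leading slash: rejects "https://host" and "//host".
    if ($from[0] !== '/' || (strlen($from) > 1 && $from[1] === '/')) {
        return $default;
    }
    // Defence in depth: the parsed value must carry no scheme or host.
    $parts = parse_url($from);
    if ($parts === false || isset($parts['scheme']) || isset($parts['host'])) {
        return $default;
    }
    return $from;
}

// Constructed sample values for a return-target parameter.
$samples = [
    '/index.php',                   // same-site path: kept
    '/admin/users.php?page=2',      // same-site path with query: kept
    'https://example.invalid/',     // absolute URL: replaced by default
    '//example.invalid/',           // scheme-relative URL: replaced by default
    '/\\example.invalid/',          // backslash variant: replaced by default
    "/index.php\r\nX-Injected: 1",  // CR/LF in value: replaced by default
    '',                             // empty: replaced by default
];

foreach ($samples as $s) {
    printf("%-40s -> %s\n", var_export($s, true), safe_return_path($s));
}
```

The returned value is the only string that should reach a Location header; anything rejected falls back to the default landing page.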

Fix

Open Redirect

Weakness Enumeration

Related Identifiers: CVE-2016-15030

Affected Products: Arno0X Twofactorauth