{"id":"CVE-2023-6552","summary":"Open redirect in TasmoAdmin","details":"Lack of \"current\" GET parameter validation during the action of changing a language leads to an open redirect vulnerability.\n","modified":"2026-05-01T04:21:42.848515Z","published":"2024-01-08T12:19:58.358Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/6xxx/CVE-2023-6552.json","cwe_ids":["CWE-601"],"cna_assigner":"CERT-PL"},"references":[{"type":"ADVISORY","url":"https://cert.pl/en/posts/2024/01/CVE-2023-6552/"},{"type":"ADVISORY","url":"https://cert.pl/posts/2024/01/CVE-2023-6552/"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/6xxx/CVE-2023-6552.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6552"},{"type":"FIX","url":"https://github.com/TasmoAdmin/TasmoAdmin/pull/1039"},{"type":"PACKAGE","url":"https://github.com/TasmoAdmin/TasmoAdmin"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/tasmoadmin/tasmoadmin","events":[{"introduced":"0"},{"fixed":"127a338712f69e5dd16ef0db045949681a0f7572"}]}],"versions":["v0.0.4","v0.0.5","v0.0.6","v0.0.7","v0.0.8","v1.0.0","v1.0.1","v1.0.2","v1.0.3","v1.3.3","v1.6.0","v1.6.0-beta10","v1.6.0-beta11","v1.6.0-beta12","v1.6.0-beta13","v1.6.0-beta17","v1.6.0-beta18","v1.6.0-beta2","v1.6.0-beta20","v1.6.0-beta21","v1.6.0-beta3","v1.6.0-beta4","v1.6.0-beta5","v1.6.0-beta6","v1.6.0-beta7","v1.6.0-beta8","v1.6.0-beta9","v1.6.1","v1.6.1-beta1","v1.6.1-beta2","v1.6.1-beta3","v1.6.2","v1.6.2-beta2","v1.6.3","v1.6.3-beta1","v1.6.4","v1.6.4-beta1","v1.6.4-beta2","v1.6.4-beta3","v1.6.4-beta3-1","v1.6.4-beta4","v1.6.4-beta5","v1.6.5","v1.6.5-beta1","v1.6.5-beta2","v1.7.0","v1.7.0-beta1","v1.7.0-beta2","v1.8.0","v2.0.0","v2.0.0-beta1","v2.0.0-beta10","v2.0.0-beta2","v2.0.0-beta3","v2.0.0-beta4","v2.0.0-beta5","v2.0.0-beta6","v2.0.0-beta7","v2.0.0-beta8","v2.0.0-beta9","v2.1.0","v2.1.0-beta.16","v2.1.0-beta.17","v2.1.0-beta.18","v2.1.0-beta.19","v2.1.0-beta1","v2.1.0-beta10","v2.1.0-beta11","v2.1.0-beta12","v2.1.0-beta13","v2.1.0-beta14","v2.1.0-beta15","v2.1.0-beta2","v2.1.0-beta3","v2.1.0-beta5","v2.1.0-beta6","v2.1.0-beta7","v2.1.0-beta8","v2.1.0-beta9","v2.1.1","v2.1.1-beta.1","v2.1.1-beta.2","v2.2.0","v2.2.0-beta.1","v2.2.0-beta.2","v2.2.0-beta.3","v2.2.0-beta.4","v2.2.0-beta.5","v2.3.0","v2.3.0-beta.4","v2.3.0-beta.5","v2.3.0-beta1","v2.3.0-beta2","v2.3.0-beta3","v2.3.1","v2.3.2","v2.3.3","v2.3.3-beta.1","v2.4.0","v2.4.0-beta.1","v2.4.0-beta.2","v2.4.1","v2.4.2","v2.4.2untagged-486769b31d4a4596422d","v3.0.0","v3.0.0-beta.1","v3.0.0-beta.2","v3.0.0-beta.3","v3.0.0-beta.4","v3.0.0-beta.5","v3.0.0-beta.6","v3.0.1","v3.0.1-beta.1","v3.0.1-beta.2","v3.0.2","v3.0.2-beta.1","v3.0.2-beta.2","v3.0.3","v3.0.3-beta.1","v3.0.3-beta.2","v3.0.4","v3.0.5","v3.0.6","v3.0.6-beta.1","v3.0.6-beta.2","v3.0.7","v3.0.7-beta.1","v3.0.8","v3.1.0","v3.1.0-beta.1","v3.1.0-beta.2","v3.1.1","v3.1.1-beta.1","v3.1.2","v3.1.2-beta.1","v3.1.2-beta.2","v3.1.2-beta.3","v3.1.2-beta.4","v3.1.3","v3.1.3-beta.1","v3.1.4","v3.1.4-beta.1","v3.2.0","v3.2.0-beta.1","v3.2.0-beta.2","v3.2.0-beta.3","v3.2.0-beta.4","v3.3.0-beta.1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-6552.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}