CVE-2024-21728

{"id": "CVE-2024-21728", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2024-02-15T21:15:09.220", "references": [{"url": "https://github.com/solracsf/osTicky", "tags": ["Product"], "source": "security@joomla.org"}, {"url": "https://github.com/solracsf/osTicky", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@joomla.org", "description": [{"lang": "en", "value": "CWE-601"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-601"}]}], "descriptions": [{"lang": "en", "value": "An Open Redirect vulnerability was found in osTicky2 below 2.2.8. osTicky (osTicket Bridge) by SmartCalc is a Joomla 3.x extension that provides Joomla fronted integration with osTicket, a popular Support ticket system. The Open Redirect vulnerability allows attackers to control the return parameter in the URL to a base64 malicious URL."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad de Open Redirect en osTicky2 inferior a 2.2.8. osTicky (osTicket Bridge) de SmartCalc es una extensi\u00f3n de Joomla 3.x que proporciona integraci\u00f3n frontal de Joomla con osTicket, un popular sistema de tickets de soporte. La vulnerabilidad Open Redirect permite a los atacantes controlar el par\u00e1metro de retorno en la URL a una URL maliciosa base64."}], "lastModified": "2025-06-04T21:08:56.977", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:smartcalc:osticky:*:*:*:*:*:joomla\\!:*:*", "vulnerable": true, "matchCriteriaId": "688E546D-B967-4476-9817-70044BE42350", "versionEndExcluding": "2.2.8"}], "operator": "OR"}]}], "sourceIdentifier": "security@joomla.org"}