CVE-2023-28874

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-28874

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-28874.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-28874

Published

2023-12-09T07:15:07.593Z

Modified

2025-11-15T06:25:43.577316Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

The next parameter in the /accounts/login endpoint of Seafile 9.0.6 allows attackers to redirect users to arbitrary sites.

References

Affected packages

Git / github.com/haiwen/seafile

Affected ranges

Type: GIT
Repo: https://github.com/haiwen/seafile
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

5517d012bde196a7bab99a08db6580d52630862a

Affected versions

1.*

1.0.0

1.2.0

1.2.1

mac-v1.*

mac-v1.6.2

server-2.*

server-2.0

v0.*

v0.0.0

v1.*

v1.3.0

v1.3.1

v1.3.5

v1.3.5-deb

v1.3.5-mac

v1.3.5-win

v1.4-mac

v1.4.0-deb

v1.4.0-server

v1.4.1-mac

v1.4.1-server

v1.4.5-1-server

v1.4.5-server

v1.4.5-src

v1.5.0-win

v1.5.1-server

v1.5.1-win

v1.5.2-win

v1.5.3-cli

v1.5.3-mac

v1.5.3-win

v1.6.0-deb

v1.6.0-server

v1.6.0-win

v1.6.1-mac

v1.6.1-win

v1.7.0-deb

v1.7.0-server

v1.7.0-win

v1.7.1-mac

v1.7.1-win

v1.7.2-win

v1.7.3-client

v1.8.0-mac

v2.*

v2.0.2-server

v2.0.3-server

v2.0.4-client

v2.0.4-server

v2.0.6

v2.0.7

v2.0.8

v2.1.1

v2.1.1-testing

v2.1.2

v2.1.2-mac

v2.1.3-server

v2.1.3-server-testing

v2.1.3-testing

v2.1.4-server

v2.1.5-server

v2.2.0

v2.2.1-server

v3.*

v3.0.0

v3.0.0-server

v3.0.0-server-testing

v3.0.0-testing

v3.0.1-server

v3.0.1-server-testing

v3.0.2

v3.0.2-pro

v3.0.2-server

v3.0.2-server-testing

v3.0.2-testing

v3.0.3

v3.0.3-server

v3.0.3-testing

v3.0.4

v3.0.4-server

v3.0.4-server-testing

v3.1.0-server-testing

v3.1.0-testing

v3.1.1-server

v3.1.1-server-testing

v3.1.1-testing

v3.1.10

v3.1.11

v3.1.14-server

v3.1.2-server-testing

v3.1.2-testing

v3.1.3-server

v3.1.3-server-testing

v3.1.3-testing

v3.1.4

v3.1.4-server-testing

v3.1.4-testing

v3.1.5

v3.1.5-server

v3.1.5-server-testing

v3.1.5-testing

v3.1.6

v3.1.6-server

v3.1.6-server-testing

v3.1.7

v3.1.7-server

v3.1.7-server-testing

v3.1.7-testing

v3.1.8

v3.1.9

v4.*

v4.0.0

v4.0.0-server

v4.0.1

v4.0.1-server

v4.0.2

v4.0.2-server

v4.0.3

v4.0.3-server

v4.0.4

v4.0.4-server

v4.0.5

v4.0.6

v4.0.6-server

v4.1.0

v4.1.0-server

v4.1.1

v4.1.1-server

v4.1.2

v4.1.2-server

v4.1.3

v4.1.4

v4.1.5

v4.1.6

v4.2.0

v4.2.0-server

v4.2.1

v4.2.1-server

v4.2.2

v4.2.4-bak

v4.2.5

v4.2.6

v4.2.7

v4.3.0

v4.3.0-server

v4.3.1

v4.3.1-server

v4.3.2

v4.3.2-server

v4.3.2-testing

v4.3.3

v4.3.3-testing

v4.3.4

v4.4.0

v4.4.0-server

v4.4.1

v4.4.1-server

v4.4.2

v4.4.2-server

v4.4.3-server

v4.4.4-server

v4.4.5-server

v4.4.6-server

v5.*

v5.0.0-server

v5.0.0-testing

v5.0.1-server

v5.0.2

v5.0.3

v5.0.4

v5.0.4-server

v5.0.5

v5.0.5-server

v5.0.6

v5.0.7

v5.1.0

v5.1.0-server

v5.1.1

v5.1.1-server

v5.1.2

v5.1.2-server

v5.1.3

v5.1.3-server

v5.1.4

v5.1.4-server

v5.1.4-testing

v6.*

v6.0.0

v6.0.0-server

v6.0.1

v6.0.2

v6.0.2-testing

v6.0.3

v6.0.4

v6.0.6

v6.0.7

v6.1.0

v6.1.1

v6.1.3

v6.1.4

v6.1.5

v6.1.6

v6.1.7

v6.1.8

v6.2.0

v6.2.1

v6.2.10

v6.2.11

v6.2.2

v6.2.3

v6.2.4

v6.2.5

v6.2.7

v6.2.8

v6.2.9

v7.*

v7.0.0

v7.0.1

v7.0.10

v7.0.2

v7.0.3

v7.0.3-bak

v7.0.4

v7.0.5

v7.0.6

v7.0.7

v7.0.8

v7.0.8-bak

v7.0.8-testing

v7.0.9

v8.*

v8.0.0

v8.0.1

v8.0.10

v8.0.2

v8.0.3

v8.0.4

v8.0.5

v8.0.6

v8.0.7

v8.0.8

v8.0.9

v9.*

v9.0.0

v9.0.1

v9.0.2

v9.0.2-1

v9.0.3

v9.0.4

v9.0.5

v9.0.6

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-28874.json"