CVE-2023-38998 Information

Description

An open redirect in the Login page of OPNsense before 23.7 allows attackers to redirect a victim user to an arbitrary web site via a crafted URL.

Reference

https://logicaltrust.net/blog/2023/08/opnsense.html https://github.com/opnsense/core/commit/6bc025af1705dcdd8ef22ff5d4fcb986fa4e45f8