Description
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the UAA logout link is susceptible to an open redirect which allows an attacker to insert malicious web page as a redirect parameter.
Remediation
References
https://pivotal.io/security/cve-2015-3190
Related Vulnerabilities
CVE-2022-45391 Vulnerability in maven package io.jenkins.plugins:cavisson-ns-nd-integration
CVE-2023-29201 Vulnerability in maven package org.xwiki.commons:xwiki-commons-xml
CVE-2021-21277 Vulnerability in npm package angular-expressions
CVE-2023-29529 Vulnerability in npm package matrix-js-sdk
CVE-2021-21655 Vulnerability in maven package org.jenkins-ci.plugins:p4