CVE-2026-3264
Open Redirect Vulnerability in go2ismail Free-CRM Administrative Interface
Publication date: 2026-02-26
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| go2ismail | free-crm | to 2025-09-21 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-698 | The web application sends a redirect to another location, but instead of exiting, it executes additional code. |
| CWE-705 | The product does not properly return control flow to the proper location after it has completed a task or detected an unusual condition. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the go2ismail Free-CRM software, specifically in an unknown functionality of the Administrative Interface component. It allows an attacker to perform a manipulation that leads to execution after a redirect. The attack can be carried out remotely, and the exploit has been publicly disclosed.
How can this vulnerability impact me? :
The vulnerability can allow a remote attacker to execute actions after a redirect within the Administrative Interface of the affected software. This could potentially lead to unauthorized actions or access, impacting the security and integrity of the system.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know