{"id":"CVE-2023-6545","details":"The package authelia-bhf included in Beckhoffs TwinCAT/BSD is prone to an open redirect that allows a remote unprivileged attacker to redirect a user to another site. This may have limited impact to integrity and does solely affect anthelia-bhf the Beckhoff fork of authelia.","modified":"2026-04-10T05:07:54.242781Z","published":"2023-12-14T14:15:45.753Z","references":[{"type":"ADVISORY","url":"https://cert.vde.com/en/advisories/VDE-2023-067/"},{"type":"ADVISORY","url":"https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2023-001.pdf"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/beckhoff/authelia","events":[{"introduced":"0"},{"fixed":"2097b13df565da9732f76ef57eaf4686225ca3e5"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.37.5"}]}}],"versions":["v2.0.1","v2.0.2","v2.0.3","v2.0.4","v2.0.5","v2.1.0","v2.1.1","v2.1.2","v2.1.3","v2.1.4","v2.1.5","v2.1.6","v2.1.7","v2.1.8","v2.1.9","v3.0.1","v3.1.0","v3.1.1","v3.1.2","v3.1.3","v3.1.4","v3.12.0","v3.13.0","v3.14.0","v3.15.0","v3.16.2","v3.2.0","v3.3.19","v3.4.0","v3.4.1","v3.4.2","v3.5.0","v3.6.0","v3.7.0","v3.7.1","v3.8.0","v3.8.2","v3.8.3","v4.0.0","v4.0.0-alpha1","v4.0.0-alpha2","v4.1.0","v4.10.0","v4.11.0","v4.12.0","v4.13.0","v4.13.1","v4.14.0","v4.14.1","v4.14.2","v4.15.0","v4.15.1","v4.16.0","v4.17.0","v4.18.0","v4.18.1","v4.19.0","v4.19.1","v4.19.2","v4.2.0","v4.20.0","v4.21.0","v4.22.0","v4.23.0","v4.23.1","v4.23.2","v4.23.3","v4.24.0","v4.24.1","v4.25.0","v4.25.1","v4.25.2","v4.26.0","v4.26.1","v4.26.2","v4.3.0","v4.4.0","v4.5.0","v4.5.1","v4.6.0","v4.7.0","v4.7.1","v4.7.2","v4.8.0","v4.9.0","v4.9.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-6545.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"}]}