There is a URL redirect in kkFileView
1、 Vulnerability Description
KkFileView is an online preview solution for file documents. This project is built using the popular Spring Boot, making it easy to get started and deploy. It basically supports online preview of mainstream office documents. Attackers can redirect users to any website or application by constructing malicious URLs.
2、 Vulnerability impact
http://kkfileview.keking.cn/ Kkfileview v4.1.0 version
3、Recurrence of vulnerabilities
[Attack Vectors]
http://xxx.xxx.xxx.126:8012/getCorsFile?urlPath=aHR0cHM6Ly93d3cueW91dHViZS5jb20v
The following address is https://www.youtube.com/ Base64 encoded