Newforma Info Exchange Open URL Redirect Vulnerability

Vulnerability

A URL redirection vulnerability has been identified in Newforma Info Exchange (NIX) versions prior to 2024.1. The issue resides in the '/DownloadWeb/hyperlinkredirect.aspx' endpoint, where an unauthenticated URL redirect is facilitated through the 'nhl' parameter. This vulnerability allows for open redirect scenarios, potentially leading users to untrusted sites.

Impact

Exploitation of this vulnerability could lead to open redirect scenarios, where users are sent to untrusted or potentially malicious sites.

Added: Oct 9, 2025, 9:29 PM

Updated: Oct 9, 2025, 9:29 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

7.4

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

7.4

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Newforma Info Exchange Open URL Redirect Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating