Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2021-95241
HistoryNov 25, 2021 - 12:00 a.m.

Redash input validation error vulnerability

2021-11-2500:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
redash
input validation error
vulnerability
google sign-in
redirection
implementation
data integration
analysis
israeli company
cnvd

EPSS

0.001

Percentile

20.9%

JSON

Redash is a data integration and analysis solution from the Israeli company Redash. Redash 10.0.0 and earlier versions are vulnerable to an input validation error, which stems from the program’s implementation of the Google sign-in feature that does not properly use the "state" parameter to pass the next URL to redirect the user after signing in. No detailed vulnerability details are available at this time.

Related

osv 2
prion 1
nvd 1
cvelist 1
cve 1
osv
osv
CVE-2021-43777
2021-11-24 16:15:14
BIT-redash-2021-43777
2024-03-06 11:03:21
prion
prion
Cross site request forgery (csrf)
2021-11-24 16:15:00
nvd
nvd
CVE-2021-43777
2021-11-24 16:15:14
cvelist
cvelist
CVE-2021-43777 Vulnerability in Redash OAuth2 flows due to misuse of state field (should be a nonce)
2021-11-23 23:30:10
cve
cve
CVE-2021-43777
2021-11-24 16:15:14

EPSS

0.001

Percentile

20.9%

JSON
Related for CNVD-2021-95241
osv2prion1nvd1cvelist1cve1