Lucene search
MitreCVELIST:CVE-2020-12283HistoryApr 30, 2020 - 4:07 a.m.
CVE-2020-12283
2020-04-3004:07:29
mitre
www.cve.org
0.001 Low
EPSS
Percentile
47.2%
Sourcegraph before 3.15.1 has a vulnerable authentication workflow because of improper validation in the SafeRedirectURL method in cmd/frontend/auth/redirect.go, such as for the //foo//example.com substring.
References
github.com/sourcegraph/sourcegraph/blob/master/CHANGELOG.md
github.com/sourcegraph/sourcegraph/commit/c0f48172e815c7f66471a38f0a06d1fc32a77a64
github.com/sourcegraph/sourcegraph/compare/v3.15.0...v3.15.1
github.com/sourcegraph/sourcegraph/pull/10167
securitylab.github.com/advisories/GHSL-2020-085-sourcegraph
Related
osv
osv
CVE-2020-12283
2020-04-30 05:15:11
Open redirect vulnerability in Sourcegraph
2021-12-20 18:12:47
cve
cve
CVE-2020-12283
2020-04-30 05:15:11
github
github
Open redirect vulnerability in Sourcegraph
2021-12-20 18:12:47
prion
prion
Input validation
2020-04-30 05:15:00
veracode
veracode
Authentication Bypass
2020-05-04 06:32:31
nvd
nvd
CVE-2020-12283
2020-04-30 05:15:11