GitHub Advisory DatabaseGHSA-G4RF-PC26-6HMROMERO webclient does not validate URL redirects on login or switching group.
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
4.9 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
32.3%
Background
OMERO.web supports redirection to a given URL after performing login or switching the group context. These URLs are not validated, allowing redirection to untrusted sites. OMERO.web 5.9.0 adds URL validation before redirecting. External URLs are not considered valid, unless specified in the omero.web.redirect_allowed_hosts setting.
Impact
OMERO.web before 5.9.0
Patches
5.9.0
Workarounds
No workaround
References
For more information
If you have any questions or comments about this advisory:
References
github.com/advisories/GHSA-g4rf-pc26-6hmr
github.com/ome/omero-web/blob/master/CHANGELOG.md#590-march-2021
github.com/ome/omero-web/commit/952f8e5d28532fbb14fb665982211329d137908c
github.com/ome/omero-web/security/advisories/GHSA-g4rf-pc26-6hmr
nvd.nist.gov/vuln/detail/CVE-2021-21377
pypi.org/project/omero-web/
www.openmicroscopy.org/security/advisories/2021-SV2/
Related
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
4.9 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
32.3%