GitHub Advisory Database: GHSA-VG27-HR3V-3CQV
History: Feb 16, 2022 - 11:02 p.m.

open redirect in pollbot

2022-02-16 23:02:09
CWE-601
GitHub Advisory Database (github.com)

CVSS3: 6.1 Medium
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE

EPSS: 0.001 Low (Percentile: 27.3%)

(From https://bugzilla.mozilla.org/show_bug.cgi?id=1753838)

Summary:
There was an open redirection vulnerability in the path of:

https://pollbot.services.mozilla.com/ and https://pollbot.stage.mozaws.net/

Description:
An attacker can redirect anyone to malicious sites.

Steps To Reproduce:
Type in this URL:

https://pollbot.services.mozilla.com/%0a/evil.com/

It redirects to that website: evil.com

evil.com was used as an example but this could be any website. Note, the /%0a/ and trailing / are required.

Supporting Material/References:
https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html

Impact

Attackers can serve malicious websites that steal passwords or download ransomware to their victim's machine due to a redirect, and there are a heap of other attack vectors.
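As an added example (not pollbot's own code), the check below shows why the reported "/%0a/evil.com/" target must be rejected before it reaches a Location header: a naive "starts with a slash" check that drops whitespace lines turns it into the protocol-relative "//evil.com/", while the hardened check refuses control characters, protocol-relative paths and anything with a scheme or host. The whitespace-collapsing step in the naive check is an assumed normalisation used for illustration, not the behaviour stated in the advisory.

```python
"""Redirect-target validation for the CWE-601 pattern in the report above.
Added example, not pollbot's code; the naive check's line-stripping is an
assumed normalisation that demonstrates how a newline in the path can
produce a protocol-relative URL."""
import re
from urllib.parse import unquote, urlsplit

# Any ASCII control character or whitespace (covers %0a, %0d, %09, spaces).
CONTROL = re.compile(r"[\x00-\x1f\x7f\s]")


def naive_is_local(target: str) -> bool:
    """Weak check: decode, drop blank lines, accept a leading '/'.
    '/\\n/evil.com/' collapses to '//evil.com/', which browsers treat as
    a protocol-relative URL pointing at evil.com."""
    decoded = unquote(target)
    collapsed = "".join(line.strip() for line in decoded.splitlines())
    return collapsed.startswith("/")


def is_safe_local_redirect(target: str) -> bool:
    """Hardened check: allow only a same-site absolute path."""
    decoded = unquote(target)
    if CONTROL.search(decoded):                 # reject %0a and friends
        return False
    if not decoded.startswith("/"):             # must be a local path
        return False
    if decoded.startswith("//") or decoded.startswith("/\\"):
        return False                            # protocol-relative forms
    parts = urlsplit(decoded)
    return parts.scheme == "" and parts.netloc == ""


def safe_redirect_target(target: str, fallback: str = "/") -> str:
    """Return target only if it is a same-site path, else the fallback."""
    return target if is_safe_local_redirect(target) else fallback


if __name__ == "__main__":
    # Constructed sample targets: one legitimate path, three malicious forms.
    for t in ["/firefox/97.0/", "/%0a/evil.com/", "//evil.com/", "https://evil.com/"]:
        print(f"{t!r:22} naive={naive_is_local(t)!s:5} "
              f"hardened={is_safe_local_redirect(t)}")
```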

Affected configurations

Vulners
Node: mozilla pollbot, Range: < 1.4.6

CPE
Name: pollbot, Operator: lt, Version: 1.4.6
