Source: hackerone | Reporter: wonda_tea_coffee | ID: H1:1865991
Feb 07, 2023 - 11:03 p.m.

Internet Bug Bounty: Open Redirect Vulnerability in Action Pack

Published: 2023-02-07 23:03:04
Reporter: wonda_tea_coffee
Source: hackerone.com
Bounty: $2400
Tags: internet bug bounty, open redirect, vulnerability, action pack, incomplete url input validation, patch, rails 7.0
EPSS: 0.001 (Low), percentile 21.4%

We were able to bypass the mechanism that prevents open redirects due to incomplete URL input validation.
I have reported it below and written a patch to fix it.
https://hackerone.com/reports/1789458

Impact

Vulnerable code will look like this:

redirect_to(params[:some_param])

Rails 7.0 introduced protection against open redirects that result from calling redirect_to with untrusted user input. In prior versions, the developer was fully responsible for providing only trusted input. However, the check that was introduced could be bypassed by a carefully crafted URL.
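
A defensive sketch for the pattern above, added here as an example and not taken from the report or from Rails: the application validates the redirect target itself before it reaches redirect_to, so it does not depend on the framework check alone. The helper name safe_redirect_target, the host app.example.com and the fallback "/" are assumptions, and the report's bypass URL is not reproduced.

```ruby
require "uri"

# Constructed values for illustration; replace with the application's own.
ALLOWED_HOSTS = ["app.example.com"].freeze
FALLBACK_PATH = "/"

# Returns a redirect target that is either a same-site absolute path or an
# http(s) URL on an allowlisted host. Anything else yields the fallback.
def safe_redirect_target(raw, allowed_hosts: ALLOWED_HOSTS, fallback: FALLBACK_PATH)
  return fallback unless raw.is_a?(String) && raw.valid_encoding? && !raw.empty?

  # Control characters, whitespace and backslashes are interpreted differently
  # by browsers and by URL parsers, so they are refused outright.
  return fallback if raw.match?(/[\x00-\x20\x7f\\]/)

  uri = URI.parse(raw)

  if uri.scheme.nil? && uri.host.nil?
    # Relative reference: accept only a path rooted at a single "/".
    return raw.start_with?("/") && !raw.start_with?("//") ? raw : fallback
  end

  # Absolute or scheme-relative URL: require http(s), no userinfo,
  # and an exact match against the host allowlist.
  return fallback unless %w[http https].include?(uri.scheme&.downcase)
  return fallback if uri.userinfo
  return fallback unless allowed_hosts.include?(uri.host&.downcase)

  uri.to_s
rescue URI::InvalidURIError
  fallback
end

# In a controller (hypothetical usage):
#   redirect_to(safe_redirect_target(params[:some_param]))
```

The allowlist comparison is an exact host match; suffix or substring matching would reintroduce the problem this helper is meant to prevent.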