There is an open redirect in the endpoint /project/switch/{project} because user-controlled input is passed to Symfony's redirect() function.
// targetPath comes straight from the query string and reaches redirect() unvalidated
$targetPath = $request->query->get('targetPath', false);
if ($targetPath) {
    return $this->redirect($targetPath);
}
http://127.0.0.1:8080/project/switch/1?targetPath=https://google.com
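
One way to close this, shown as an added example that is not the project's own code: accept targetPath only when it is a same-site path, and fall back to a fixed route otherwise. The helper names `isLocalRedirectTarget` and `resolveTargetPath`, the `/` fallback and the sample values are assumptions; PHP 8 is required.

```php
<?php
declare(strict_types=1);

/**
 * Added example (hypothetical helper, not from the project):
 * accept only same-site relative paths as redirect targets.
 */
function isLocalRedirectTarget(string $target): bool
{
    // Must be a path rooted at "/", e.g. "/project/1/dashboard".
    if ($target === '' || $target[0] !== '/') {
        return false;
    }
    // "//host" is scheme-relative, and browsers treat "\" like "/",
    // so both forms would leave the site.
    if (str_starts_with($target, '//') || str_contains($target, '\\')) {
        return false;
    }
    // Control characters (CR, LF, tab, ...) have no place in a Location header.
    if (preg_match('/[\x00-\x1F\x7F]/', $target) === 1) {
        return false;
    }
    // Fail closed: parse_url must succeed and find neither scheme nor host.
    $parts = parse_url($target);
    return $parts !== false && !isset($parts['scheme']) && !isset($parts['host']);
}

/** Fall back to a fixed route when the supplied target is not local. */
function resolveTargetPath(mixed $targetPath, string $fallback = '/'): string
{
    return is_string($targetPath) && isLocalRedirectTarget($targetPath)
        ? $targetPath
        : $fallback;
}

// Constructed sample values for the targetPath query parameter.
$samples = [
    '/project/1/settings?tab=members', // local path: kept
    'https://google.com',              // the value from the report: replaced
    '//example.com',                   // scheme-relative: replaced
    '/\\example.com',                  // backslash variant: replaced
    "/ok\r\nX-Injected: 1",            // control characters: replaced
];
foreach ($samples as $sample) {
    printf("%-36s => %s\n", json_encode($sample), resolveTargetPath($sample));
}
```

In the controller, the value returned by `resolveTargetPath()` would be passed to `redirect()` instead of the raw query parameter.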