Lucene search
GoogleOSV:CVE-2020-12283HistoryApr 30, 2020 - 5:15 a.m.
CVE-2020-12283
2020-04-3005:15:11
Google
osv.dev
5
Sourcegraph before 3.15.1 has a vulnerable authentication workflow because of improper validation in the SafeRedirectURL method in cmd/frontend/auth/redirect.go, such as for the //foo//example.com substring.
References
github.com/sourcegraph/sourcegraph/blob/master/CHANGELOG.md
github.com/sourcegraph/sourcegraph/commit/c0f48172e815c7f66471a38f0a06d1fc32a77a64
github.com/sourcegraph/sourcegraph/compare/v3.15.0...v3.15.1
github.com/sourcegraph/sourcegraph/pull/10167
securitylab.github.com/advisories/GHSL-2020-085-sourcegraph
Related
cve
cve
CVE-2020-12283
2020-04-30 05:15:11
github
github
Open redirect vulnerability in Sourcegraph
2021-12-20 18:12:47
prion
prion
Input validation
2020-04-30 05:15:00
cvelist
cvelist
CVE-2020-12283
2020-04-30 04:07:29
veracode
veracode
Authentication Bypass
2020-05-04 06:32:31
osv
osv
Open redirect vulnerability in Sourcegraph
2021-12-20 18:12:47
nvd
nvd
CVE-2020-12283
2020-04-30 05:15:11