6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
21.0%
There is a vulnerability in Action Controller’s redirect_to. This
vulnerability has been assigned the CVE identifier CVE-2023-22797.
Versions Affected: >= 7.0.0
Not affected: < 7.0.0
Fixed Versions: 7.0.4.1
There is a possible open redirect when using the redirect_to helper with
untrusted user input.
Vulnerable code will look like this:
redirect_to(params[:some_param])
Rails 7.0 introduced protection against open redirects from calling
redirect_to with untrusted user input. In prior versions the developer was
fully responsible for only providing trusted input. However the check
introduced could be bypassed by a carefully crafted URL.
All users running an affected release should either upgrade or use one of
the workarounds immediately.
There are no feasible workarounds for this issue.
CPE | Name | Operator | Version |
---|---|---|---|
actionpack | lt | 7.0.0 | |
actionpack | lt | 7.0.4.1 |