2 matches found
CVE-2020-12283
Sourcegraph before 3.15.1 has a vulnerable authentication workflow because of improper validation in the SafeRedirectURL method in cmd/frontend/auth/redirect.go, such as for the //foo//example.com substring...
CVE-2020-12283
Sourcegraph before 3.15.1 is affected by an improper validation in the SafeRedirectURL method (cmd/frontend/auth/redirect.go), leading to a vulnerable authentication workflow (example: //foo//example.com). The issue is tied to the authentication redirect logic and can enable an open redirect/auth...