Internet Bug Bounty: Open Redirect Vulnerability in Action Pack

An open redirect vulnerability was discovered in Action Pack, specifically in the redirectto helper function. This vulnerability allowed for the possibility of an attacker to craft a URL that could bypass the protection against open redirects introduced in Rails 7.0. The vulnerability was fixed i...

GHSA-9445-4CR6-336R Open Redirect Vulnerability in Action Pack

There is a vulnerability in Action Controller’s redirectto. This vulnerability has been assigned the CVE identifier CVE-2023-22797. Versions Affected: = 7.0.0 Not affected: 7.0.0 Fixed Versions: 7.0.4.1 Impact There is a possible open redirect when using the redirectto helper with untrusted user...

Open Redirect Vulnerability in Action Pack

There is a vulnerability in Action Controller’s redirectto. This vulnerability has been assigned the CVE identifier CVE-2023-22797. Versions Affected: = 7.0.0 Not affected: 7.0.0 Fixed Versions: 7.0.4.1 Impact There is a possible open redirect when using the redirectto helper with untrusted user...

Open Redirect Vulnerability in Action Pack

There is a vulnerability in Action Controller’s redirectto. This vulnerability has been assigned the CVE identifier CVE-2023-22797. Versions Affected: = 7.0.0 Not affected: 7.0.0 Fixed Versions: 7.0.4.1 Impact There is a possible open redirect when using the redirectto helper with untrusted user...