2 matches found
Authelia allows open redirects on the logout endpoint
Impact Utilizing a HTTP query parameter an attacker is able to redirect users from the web application to any domain. The URL of the intended redirect should always be checked for safety prior to forwarding the user. Other endpoints of the web application already do this, they check both that the...
GHSA-36F2-FCRX-FP4J Authelia allows open redirects on the logout endpoint
Impact Utilizing a HTTP query parameter an attacker is able to redirect users from the web application to any domain. The URL of the intended redirect should always be checked for safety prior to forwarding the user. Other endpoints of the web application already do this, they check both that the...