3 matches found
URL Redirection to Untrusted Site ('Open Redirect')
Impact There's no protection against URL redirection to untrusted site, in particular some well known parameters xredirect can be used to perform such redirections. Patches The problem has been patched in XWiki 12.10.7 and XWiki 13.3RC1. Workarounds There's no known workaround for this issue...
GHSA-JP55-VVMF-63MV URL Redirection to Untrusted Site ('Open Redirect')
Impact There's no protection against URL redirection to untrusted site, in particular some well known parameters xredirect can be used to perform such redirections. Patches The problem has been patched in XWiki 12.10.7 and XWiki 13.3RC1. Workarounds There's no known workaround for this issue...
CVE-2022-23618
XWiki Platform contains an open redirect vulnerability where certain URL parameters (notably xredirect) allow redirection to untrusted sites. Affected releases are XWiki Platform prior to the patches, with fixes implemented in XWiki 12.10.7 and XWiki 13.3RC1. Connected advisories and sources corr...