Open Redirect

2023-11-2808:09:41

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

mattermost

open redirect

missing validation

redirect url

vulnerability

custom url scheme

protection mechanism

privileges

exploitation

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

7.2 High

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.0%

JSON

mattermost is vulnerable to Open Redirect. The vulnerability is caused due to a missing validation at redirect URL parameter. The application fails to validate the custom URL scheme /oauth/{service}/mobile_login?redirect_to=, once a user clicks “Back to mattermost”. The attacker can bypass protection mechanism or gain privileges by exploiting this vulnerability.

CPENameOperatorVersion
github.com/mattermost/mattermostlev9.1.0-rc2
github.com/mattermost/mattermostlev9.0.1-rc1
github.com/mattermost/mattermostlev7.8.12
github.com/mattermost/mattermostlev8.1.3
github.com/mattermost/mattermostlev9.1.0-rc2
github.com/mattermost/mattermostlev9.0.1-rc1
github.com/mattermost/mattermostlev7.8.12
github.com/mattermost/mattermostlev8.1.3

Name	Operator	Version
github.com/mattermost/mattermost	le	v9.1.0-rc2
github.com/mattermost/mattermost	le	v9.0.1-rc1
github.com/mattermost/mattermost	le	v7.8.12
github.com/mattermost/mattermost	le	v8.1.3
github.com/mattermost/mattermost	le	v9.1.0-rc2
github.com/mattermost/mattermost	le	v9.0.1-rc1
github.com/mattermost/mattermost	le	v7.8.12
github.com/mattermost/mattermost	le	v8.1.3