URL Redirection to Untrusted Site ('Open Redirect')

CVE-2021-30185

High

7.5/10

Summary

CERN Indico before 2.3.4 and Flask-Multipass before 0.3.5 can use an attacker-supplied Host header in a password reset link.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: NONE

CWE-601 - Open Redirect

An open redirect attack employs a URL parameter, HTML refresh tags, or a DOM based location change to exploit the trust of a vulnerable domain to direct the users to a malicious website. The attack could lead to higher severity vulnerabilities such as unauthorized access control, account takeover, XSS, and more.

References

Advisory
Issue
Indico fix #2

Advisory Timeline

Published Apr 07, 2021

URL Redirection to Untrusted Site ('Open Redirect')

CVE-2021-30185

Summary

CWE-601 - Open Redirect

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS