
URL Redirection to Untrusted Site ('Open Redirect')

CVE-2024-22262

Severity High
Score 8.1/10

Summary

Applications that use "UriComponentsBuilder" to parse an externally provided URL (e.g. one received through a query parameter) and then perform validation checks on the host of the parsed URL may be vulnerable to an open redirect attack, or to an SSRF attack if the URL is used after it passes those checks. This is the same vulnerability as CVE-2024-22259 [https://spring.io/security/cve-2024-22259] and CVE-2024-22243 [https://spring.io/security/cve-2024-22243], but triggered by different input. This issue affects the package org.springframework:spring-web in versions prior to 5.3.34, 6.0.x prior to 6.0.19, and 6.1.x prior to 6.1.6.
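As an added illustration (not code from Spring or from this advisory), the Java below shows the pattern the summary describes, a host check on what UriComponentsBuilder parsed followed by a redirect to the untouched input string, beside a defensive variant. The class name, the allowlist and the helper methods are assumptions; upgrading to the fixed spring-web versions listed above is the actual fix, and the extra checks are only a second layer.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Set;
import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder;

public class RedirectTargetCheck {
    // Hypothetical allowlist of hosts this application may redirect to.
    private static final Set<String> ALLOWED_HOSTS = Set.of("example.com", "www.example.com");

    // Vulnerable pattern from the advisory: the host that UriComponentsBuilder
    // extracted is validated, but the raw input string is what gets used. If the
    // builder and the browser disagree on where the host ends, the check passes
    // while the user is sent elsewhere (CWE-601).
    static String vulnerableTarget(String userSupplied) {
        UriComponents parsed = UriComponentsBuilder.fromUriString(userSupplied).build();
        if (parsed.getHost() != null && ALLOWED_HOSTS.contains(parsed.getHost())) {
            return userSupplied; // raw input reaches the Location header
        }
        return "/";
    }

    // Defensive variant (assumed practice, in addition to upgrading):
    //  1. parse with java.net.URI as well and require both parsers to agree on the host;
    //  2. reject user-info and non-https schemes, which have no place in a redirect target;
    //  3. redirect to a URI rebuilt from the validated components, never to the raw string.
    static String hardenedTarget(String userSupplied) {
        UriComponents parsed;
        URI strict;
        try {
            parsed = UriComponentsBuilder.fromUriString(userSupplied).build().normalize();
            strict = new URI(userSupplied).normalize();
        } catch (IllegalArgumentException | URISyntaxException e) {
            return "/"; // unparseable input falls back to a safe local target
        }
        String host = parsed.getHost();
        if (host == null || strict.getHost() == null
                || !host.equalsIgnoreCase(strict.getHost())
                || !ALLOWED_HOSTS.contains(host.toLowerCase())
                || !"https".equals(parsed.getScheme())
                || parsed.getUserInfo() != null) {
            return "/";
        }
        // Rebuild only from the components that were actually checked.
        return UriComponentsBuilder.newInstance()
                .scheme("https").host(host).port(parsed.getPort())
                .path(parsed.getPath()).query(parsed.getQuery())
                .build().toUriString();
    }
}
```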

CVSS v3 base metrics (metric names added to the values listed on the page):

  • Attack Complexity: LOW
  • Attack Vector: NETWORK
  • Confidentiality: HIGH
  • Scope: UNCHANGED
  • User Interaction: REQUIRED
  • Privileges Required: NONE
  • Integrity: HIGH
  • Availability: NONE

CWE-601 - Open Redirect

An open redirect attack uses a URL parameter, an HTML refresh tag, or a DOM-based location change to exploit the trust users place in a vulnerable domain and send them to a malicious website. The attack can lead to higher-severity issues such as unauthorized access, account takeover, XSS, and more.

Advisory Timeline

  • Published