URL Redirection to Untrusted Site ('Open Redirect')
CVE-2024-22262
Summary
Applications that use "UriComponentsBuilder" to parse an externally provided URL (e.g. one supplied through a query parameter) and perform validation checks on the host of the parsed URL may be vulnerable to an open redirect attack or to an SSRF attack if the URL is used after passing those validation checks. This is the same issue as the CVE-2024-22259 [https://spring.io/security/cve-2024-22259] and CVE-2024-22243 [https://spring.io/security/cve-2024-22243] vulnerabilities, but triggered by different input. This issue affects the package org.springframework:spring-web versions prior to 5.3.34, 6.0.x prior to 6.0.19, and 6.1.x prior to 6.1.6.
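The advisory describes a pattern in which the host of a parsed URL is validated but the original, untrusted string is then used for the redirect or outbound request. Upgrading spring-web to a fixed version is the actual remediation; the following is an added example (not code from the advisory or from the Spring project) of a defensive validation routine that reduces exposure to parser-differential input: it requires an absolute https URL, rejects userinfo, demands that Spring's parser and java.net.URI agree on the host, checks that host against an allow-list, and then rebuilds the target from the validated components rather than forwarding the raw string. It assumes spring-web is on the classpath at or above the fixed versions named above; the allow-listed hosts and the sample inputs are constructed for the example.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import java.util.Optional;
import java.util.Set;
import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder;

/**
 * Validates an externally supplied redirect target against a host allow-list
 * and returns a URI rebuilt from the validated components.
 */
public final class RedirectTargetValidator {

    // Constructed allow-list for this example; a real deployment supplies its own.
    private static final Set<String> ALLOWED_HOSTS =
            Set.of("app.example.com", "login.example.com");

    private RedirectTargetValidator() {}

    public static Optional<URI> validate(String untrusted) {
        if (untrusted == null || untrusted.isBlank()) {
            return Optional.empty();
        }
        UriComponents spring;
        URI jdk;
        try {
            spring = UriComponentsBuilder.fromUriString(untrusted).build();
            jdk = new URI(untrusted);
        } catch (IllegalArgumentException | URISyntaxException e) {
            return Optional.empty(); // unparseable input is rejected, never "fixed up"
        }
        String scheme = spring.getScheme();
        String host = spring.getHost();
        // Require an absolute URL with an explicit host and no userinfo component.
        if (scheme == null || host == null || spring.getUserInfo() != null) {
            return Optional.empty();
        }
        if (!"https".equalsIgnoreCase(scheme)) {
            return Optional.empty();
        }
        // Two independent parsers must agree on the host. A disagreement is the
        // kind of parser differential this class of advisory is about.
        if (jdk.getHost() == null || !host.equalsIgnoreCase(jdk.getHost())) {
            return Optional.empty();
        }
        if (!ALLOWED_HOSTS.contains(host.toLowerCase(Locale.ROOT))) {
            return Optional.empty();
        }
        // Rebuild the target from the validated components; the raw string is
        // not passed on to the redirect or HTTP client.
        URI rebuilt = UriComponentsBuilder.newInstance()
                .scheme("https")
                .host(host)
                .port(spring.getPort())          // -1 means "no explicit port"
                .path(spring.getPath())
                .query(spring.getQuery())
                .fragment(spring.getFragment())
                .build()
                .toUri();
        return Optional.of(rebuilt);
    }

    public static void main(String[] args) {
        String[] samples = { // constructed inputs for the demonstration
            "https://app.example.com/dashboard?tab=1",
            "https://evil.example/landing",
            "//app.example.com/dashboard",
            "http://app.example.com/dashboard",
            "not a url"
        };
        for (String s : samples) {
            System.out.println(s + " -> "
                    + validate(s).map(URI::toString).orElse("REJECTED"));
        }
    }
}
```

Of the sample inputs, only the first should be accepted: the second fails the allow-list, the third has no scheme, the fourth is not https, and the last is unparseable. The two-parser agreement check does not guarantee that every malformed input is caught, so it complements the version upgrade rather than replacing it.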
- LOW
- NETWORK
- HIGH
- UNCHANGED
- REQUIRED
- NONE
- HIGH
- NONE
CWE-601 - Open Redirect
An open redirect attack employs a URL parameter, HTML refresh tags, or a DOM-based location change to exploit the trust of a vulnerable domain and direct users to a malicious website. The attack could lead to higher-severity vulnerabilities such as unauthorized access control, account takeover, XSS, and more.
References
Advisory Timeline
- Published