GHSA-q9rr-h3hx-m87g: BunkerWeb has Open Redirect Vulnerability in Loading Page
Summary:
An open redirect vulnerability exists in the loading endpoint, allowing attackers to redirect authenticated users to arbitrary external URLs via the “next” parameter.
Details:
The loading endpoint accepts and uses an unvalidated “next” parameter for redirects.
PoC:
Visit: /loading?next=https://google.com while authenticated. The page will redirect to google.com.
Impact:
This vulnerability could be used in phishing attacks by redirecting users from a legitimate application URL to malicious sites.
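The defensive check this advisory calls for, as an added example that is not BunkerWeb's own code: the helper below accepts a “next” value only when it is a same-site, path-only destination and otherwise falls back to a default. The name SafeNext and the fallback argument are assumptions; the inputs in main are constructed.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// SafeNext validates a user-supplied "next" redirect target. Only an
// absolute path on this site (optionally with query and fragment) is
// accepted; any absolute URL, scheme-relative URL, or relative path
// returns fallback instead. Hypothetical helper, not BunkerWeb's code.
func SafeNext(next, fallback string) string {
	if next == "" {
		return fallback
	}
	// "//host", "///host" and backslash variants are interpreted by
	// browsers as an external host, so reject them on the raw string.
	if strings.HasPrefix(next, "//") || strings.ContainsAny(next, "\\") {
		return fallback
	}
	u, err := url.Parse(next) // also rejects control characters (CRLF)
	if err != nil {
		return fallback
	}
	// Any scheme, host, userinfo or opaque part means an absolute URL.
	if u.Scheme != "" || u.Host != "" || u.User != nil || u.Opaque != "" {
		return fallback
	}
	// Must be an absolute path; the decoded path must not start with
	// "//" either ("/%2F%2Fhost" decodes to "///host").
	if !strings.HasPrefix(u.Path, "/") || strings.HasPrefix(u.Path, "//") {
		return fallback
	}
	// Rebuild from parsed components so only path, query and fragment survive.
	out := u.RequestURI()
	if u.Fragment != "" {
		out += "#" + u.EscapedFragment()
	}
	return out
}

func main() {
	// Constructed sample inputs: the advisory's PoC value plus common variants.
	for _, in := range []string{"https://google.com", "//evil.example/login",
		"/%2F%2Fevil.example", "javascript:alert(1)", "settings", "/dashboard?tab=1"} {
		fmt.Printf("%-24q -> %q\n", in, SafeNext(in, "/"))
	}
}
```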
- CVE-2024-53264
Moderate severity GitHub Reviewed Published Nov 27, 2024 in bunkerity/bunkerweb • Updated Dec 2, 2024
Package
gomod github.com/bunkerity/bunkerweb (Go)
Affected versions
< 1.5.11
References
- GHSA-q9rr-h3hx-m87g
- https://nvd.nist.gov/vuln/detail/CVE-2024-53264
Published to the GitHub Advisory Database
Dec 2, 2024