Open Redirect in OAuth2 Proxy

In OAuth2 Proxy before 5.1.1, there is an open redirect vulnerability. Users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is expected to be the original URL that the user was trying to access. This redirect URL is checked within the proxy and validated before redirecting the user to prevent malicious actors providing redirects to potentially harmful sites. However, by crafting a redirect URL with HTML encoded whitespace characters the validation could be bypassed and allow a redirect to any URL provided. This has been patched in 5.1.1.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

指向未可信站点的URL重定向(开放重定向)

OAuth2 Proxy 输入验证错误漏洞

OAuth2 Proxy是一款能够提供与Google、Github或其他提供商进行身份验证的反向代理。 OAuth2 Proxy 5.1.1之前版本中存在输入验证错误漏洞。攻击者可借助特制的重定向URL利用该漏洞绕过验证并将用户重定向到所提供的任意URL上。

N/A

N/A