Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
URL Redirection to Untrusted Site ('Open Redirect') in github.com/AndrewBurian/powermux
Vulnerability Description
PowerMux is a drop-in replacement for Go's http.ServeMux. In PowerMux versions prior to 1.1.1, attackers may be able to craft phishing links and other open redirects by exploiting the trailing slash redirection feature. This may lead to users being redirected to untrusted sites after following an attacker crafted link. The issue is resolved in v1.1.1. There are no existing workarounds.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
PowerMux 输入验证错误漏洞
Vulnerability Description
PowerMux是一个应用软件。http.ServeMux具有所有缺失功能的Go 的替代品。 PowerMux 1.1.1之前版本存在安全漏洞,攻击者能够通过利用尾部斜杠重定向功能来制作网络钓鱼链接和其他开放重定向。
CVSS Information
N/A
Vulnerability Type
N/A