Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Duende IdentityServer Open Redirect vulnerability
Vulnerability Description
Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. It is possible for an attacker to craft malicious Urls that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a Url is returned as a redirect, some browsers will follow it to a third-party, untrusted site. Note: by itself, this vulnerability does **not** allow an attacker to obtain user credentials, authorization codes, access tokens, refresh tokens, or identity tokens. An attacker could however exploit this vulnerability as part of a phishing attack designed to steal user credentials. This vulnerability is fixed in 7.0.6, 6.3.10, 6.2.5, 6.1.8, and 6.0.5. Duende.IdentityServer 5.1 and earlier and all versions of IdentityServer4 are no longer supported and will not be receiving updates. If upgrading is not possible, use `IUrlHelper.IsLocalUrl` from ASP.NET Core to validate return Urls in user interface code in the IdentityServer host.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
Duende IdentityServer 安全漏洞
Vulnerability Description
Duende IdentityServer是Duende开源的一个适用于 ASP.NET Core 的、符合标准的 OpenID Connect 和 OAuth 2.x 框架。 Duende IdentityServer存在安全漏洞,该漏洞源于某些函数会错误地将恶意构造的URL视为本地和可信的。攻击者可以利用这个漏洞作为钓鱼攻击的一部分,从而窃取用户凭证。以下版本受到影响:7.0.5及之前版本、6.3.9及之前版本、6.2.4及之前版本、6.1.7及之前版本和6.0.4及之前版本。
CVSS Information
N/A
Vulnerability Type
N/A