Products.PluggableAuthService 2.6.0 Open Redirect

2021.06.02
Credit: Piyush Patil
Risk: Low
Local: No
Remote: Yes
CWE: CWE-601


CVSS Base Score: 5.8/10
Impact Subscore: 4.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: None

# Exploit Title: Products.PluggableAuthService 2.6.0 - Open Redirect # Exploit Author: Piyush Patil # Affected Component: Pluggable Zope authentication/authorization framework # Component Link: https://pypi.org/project/Products.PluggableAuthService/ # Version: < 2.6.1 # CVE: CVE-2021-21337 # Reference: https://github.com/zopefoundation/Products.PluggableAuthService/security/advisories/GHSA-p44j-xrqg-4xrr --------------------------Proof of Concept----------------------- 1- Goto https://localhost/login 2- Turn on intercept and click on the login 3- Change "came_from" parameter value to https://attacker.com 4- User will be redirected to an attacker-controlled website. Fix: pip install "Products.PluggableAuthService>=2.6.1"


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top