CVE-2021-44528: A open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a "X-Forwarded-Host" headers in combination with certain…

medium6.1CVSS 3.1

AVNACLPRNUIRSCCLILAN

EXPLOIT

A open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.

Affected

11 ranges

Vendor	Product	Version range	Fixed in
actionpack_project	actionpack	>= 6.0.0 < 6.0.4.2	6.0.4.2
actionpack_project	actionpack	>= 6.1.0 < 6.1.4.2	6.1.4.2
debian	rails	< rails 2:6.1.4.6+dfsg-1 (bookworm)	rails 2:6.1.4.6+dfsg-1 (bookworm)
https	github.com_rails_rails	—	—
rubyonrails	rails	—	—
rubyonrails	rails	—	—
rubyonrails	rails	—	—
rubyonrails	rails	>= 0 < 2:6.0.3.7+dfsg-2+deb11u1	2:6.0.3.7+dfsg-2+deb11u1
rubyonrails	rails	>= 0 < 2:6.1.4.6+dfsg-1	2:6.1.4.6+dfsg-1
rubyonrails	rails	>= 0 < 2:6.1.4.6+dfsg-1	2:6.1.4.6+dfsg-1
rubyonrails	rails	>= 0 < 2:6.1.4.6+dfsg-1	2:6.1.4.6+dfsg-1

CVSS provenance

nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

ghsa6.1MEDIUM

osv6.1MEDIUM