CVE-2022-38131
published 2022-09-06CVE-2022-38131: RStudio Connect prior to 2023.01.0 is affected by an Open Redirect issue. The vulnerability could allow an attacker to redirect users to malicious websites.
PriorityP334medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EXPLOIT
EPSS
1.29%
66.7th percentile
RStudio Connect prior to 2023.01.0 is affected by an Open Redirect issue. The vulnerability could allow an attacker to redirect users to malicious websites.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
RStudio Connect redirect (EUVD-2022-40733)
vuldb·2026-06-22·CVSS 6.1
CVE-2022-38131 [MEDIUM] RStudio Connect redirect (EUVD-2022-40733)
A vulnerability categorized as problematic has been discovered in RStudio Connect. Affected is an unknown function. The manipulation results in open redirect.
This vulnerability is known as CVE-2022-38131. Access to the local network is required for this attack. No exploit is available.
GHSA
GHSA-wqcx-vpc9-7hv3: RStudio Connect is affected by an Open Redirect issue
ghsa_unreviewed·2022-09-07
CVE-2022-38131 [MEDIUM] CWE-601 GHSA-wqcx-vpc9-7hv3: RStudio Connect is affected by an Open Redirect issue
RStudio Connect is affected by an Open Redirect issue. The vulnerability could allow an attacker to redirect users to malicious websites.
No detection rules found.
Nuclei
RStudio Connect - Open Redirect
nuclei·CVSS 6.1
CVE-2022-38131 [MEDIUM] RStudio Connect - Open Redirect
RStudio Connect - Open Redirect
RStudio Connect prior to 2023.01.0 is affected by an Open Redirect issue. The vulnerability could allow an attacker to redirect users to malicious websites.
Template:
id: CVE-2022-38131
info:
name: RStudio Connect - Open Redirect
author: xxcdd
severity: medium
description: |
RStudio Connect prior to 2023.01.0 is affected by an Open Redirect issue. The vulnerability could allow an attacker to redirect users to malicious websites.
impact: |
An attacker can exploit the vulnerability to redirect users to malicious websites, potentially leading to phishing attacks or other security breaches.
remediation: |
This issue is fixed in Connect v2023.05. Additionally, for users running Connect v1.7.2 and later, the issue is resolvable via a configuration setting ment
2022-09-06
Published