CVE-2023-22797 — Open Redirect in Rails

CWE-601 — Open Redirect8 documents7 sources

Severity

6.1MEDIUMNVD

EPSS

0.1%

top 66.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Actionpack Project Actionpack Rubyonrails Rails Https Github.com Rails Rails

Timeline

PublishedFeb 9

Description

An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker to bypass with a carefully crafted URL resulting in an open redirect vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages4 packages

▶NVDrubyonrails/rails7.0.0 — 7.0.4.1

▶CVEListV5https/github.com_rails_rails7.0.4.1

▶NVDactionpack_project/actionpack7.0.0 — 7.0.4.1

▶RubyGemsactionpack_project/actionpack7.0.0 — 7.0.4.1

🔴Vulnerability Details

CVEList

CVE-2023-22797: An open redirect vulnerability is fixed in Rails 7↗2023-02-09

▶

OSV

CVE-2023-22797: An open redirect vulnerability is fixed in Rails 7↗2023-02-09

▶

OSV

Open Redirect Vulnerability in Action Pack↗2023-01-18

▶

GHSA

Open Redirect Vulnerability in Action Pack↗2023-01-18

▶

📋Vendor Advisories

Red Hat

rubygem-actionpack: Open Redirect Vulnerability in Action Controller↗2023-01-20

▶

Debian

CVE-2023-22797: rails - An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection...↗2023

▶