CVE-2024-1440
Published 2025-06-02
Priority: P429
Severity: medium, CVSS 3.1 base score 6.1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.20% (10.2nd percentile)
An open redirection vulnerability exists in multiple WSO2 products due to improper validation of the multi-option URL in the authentication endpoint when multi-option authentication is enabled. A malicious actor can craft a valid link that redirects users to an attacker-controlled site.
By exploiting this vulnerability, an attacker may trick users into visiting a malicious page, enabling phishing attacks to harvest sensitive information or perform other harmful actions.
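The bug class here is CWE-601: the authentication endpoint takes a return URL from the request and redirects to it after validating it too loosely. The Python below is added here as an illustration and is not code from WSO2 or from the advisory. It puts the kind of check that fails (a bare "starts with /" test) beside a hardened validator and runs both over constructed login links; the parameter name `multiOptionURI`, the `/login` path and the host `idp.example.com` are assumptions for the example, not details taken from the page.

```python
"""Redirect-target validation for a login endpoint: the weak check that an
open-redirect bug of this kind typically boils down to, beside a hardened one.

Added example, not code from WSO2 or from the advisory. The query-parameter
name, the endpoint path and the hosts are assumptions for illustration.
"""
from __future__ import annotations

from urllib.parse import parse_qs, urlsplit

# Constructed: the only host the login endpoint should ever send users back to.
ALLOWED_HOSTS = {"idp.example.com"}

# Assumed parameter name for the multi-option return URL (not taken from the page).
PARAM = "multiOptionURI"


def weak_is_safe(target: str) -> bool:
    """The check that looks right and is not: 'relative paths start with /'.
    '//evil.example' and '/\\evil.example' both pass, and browsers resolve both
    as absolute URLs to evil.example."""
    return target.startswith("/")


def is_safe_redirect(target: str, allowed_hosts: set[str]) -> bool:
    """Allow only same-site paths or https URLs whose parsed host is allow-listed."""
    # Whitespace and control characters are never part of a legitimate target;
    # urlsplit silently strips some of them, so reject before parsing.
    if not target or target != target.strip() or any(ord(c) < 0x20 for c in target):
        return False
    # Browsers treat backslash as slash in http(s) URLs, so normalise first
    # and let the parser see what the browser will see.
    candidate = target.replace("\\", "/")
    parts = urlsplit(candidate)
    scheme = parts.scheme.lower()
    if scheme and scheme not in ("http", "https"):
        return False  # javascript:, data:, custom app schemes
    if parts.netloc:
        # Absolute or protocol-relative URL: the *parsed* host must match.
        # parts.hostname is the host after any user@ prefix and before any :port,
        # so 'https://idp.example.com@evil.example/' resolves to evil.example.
        host = (parts.hostname or "").lower()
        return scheme == "https" and host in allowed_hosts
    # No authority: accept a single-slash path only ('//' is protocol-relative).
    return candidate.startswith("/") and not candidate.startswith("//")


def redirect_param_from_link(link: str, param: str = PARAM):
    """Pull the redirect target out of a crafted login link, decoded once,
    which is what the server sees after its own query-string decoding."""
    values = parse_qs(urlsplit(link).query, keep_blank_values=True).get(param)
    return values[0] if values else None


def classify_link(link: str, allowed_hosts: set[str] = ALLOWED_HOSTS) -> dict:
    """Verdict of both checks for one link, for a quick triage table."""
    target = redirect_param_from_link(link)
    if target is None:
        return {"target": None, "weak_check": None, "hardened_check": None}
    return {
        "target": target,
        "weak_check": weak_is_safe(target),
        "hardened_check": is_safe_redirect(target, allowed_hosts),
    }


if __name__ == "__main__":
    # Constructed links; the first three are the shapes a phishing mail would use.
    samples = [
        "https://idp.example.com/login?multiOptionURI=%2F%2Fevil.example%2Flogin",
        "https://idp.example.com/login?multiOptionURI=%2F%5Cevil.example",
        "https://idp.example.com/login?multiOptionURI=https%3A%2F%2Fidp.example.com%40evil.example%2F",
        "https://idp.example.com/login?multiOptionURI=%2Fdashboard",
    ]
    for sample in samples:
        print(classify_link(sample))
```

The two cases worth remembering from the output are the protocol-relative `//evil.example/login` and the backslash form `/\evil.example`: both satisfy the "starts with /" test and both land the user on the attacker's host. The hardened check decides on the host the URL parser actually produces, never on a string prefix, and it fails closed on anything it cannot classify (odd schemes, embedded control characters, double-encoded values). When triaging a deployment, the same `redirect_param_from_link` can be pointed at access-log request lines to list the return URLs that were actually submitted to the endpoint.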
Affected (25 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wso2 | api_manager | — | — |
| wso2 | api_manager | — | — |
| wso2 | api_manager | — | — |
| wso2 | identity_server | — | — |
| wso2 | identity_server | — | — |
| wso2 | identity_server | — | — |
| wso2 | identity_server | — | — |
| wso2 | identity_server | — | — |
| wso2 | identity_server_as_key_manager | — | — |
| wso2 | wso2_api_manager | >= 3.1.0 < 3.1.0.262 | 3.1.0.262 |
| wso2 | wso2_api_manager | >= 3.2.0 < 3.2.0.344 | 3.2.0.344 |
| wso2 | wso2_api_manager | >= 4.0.0 < 4.0.0.296 | 4.0.0.296 |
| wso2 | wso2_carbon_identity_application_authentication_endpoint | >= 5.17.5 < 5.17.5.256 | 5.17.5.256 |
| wso2 | wso2_carbon_identity_application_authentication_endpoint | >= 5.18.187 < 5.18.187.257 | 5.18.187.257 |
| wso2 | wso2_carbon_identity_application_authentication_endpoint | >= 5.23.8 < 5.23.8.174 | 5.23.8.174 |
| wso2 | wso2_carbon_identity_application_authentication_endpoint | >= 5.25.92 < 5.25.92.77 | 5.25.92.77 |
| wso2 | wso2_carbon_identity_application_authentication_endpoint | >= 7.0.78 < 7.0.78.18 | 7.0.78.18 |
| wso2 | wso2_identity_server | >= 5.10.0 < 5.10.0.278 | 5.10.0.278 |
| wso2 | wso2_identity_server | >= 5.11.0 < 5.11.0.347 | 5.11.0.347 |
| wso2 | wso2_identity_server | >= 6.0.0 < 6.0.0.185 | 6.0.0.185 |
| wso2 | wso2_identity_server | >= 6.1.0 < 6.1.0.145 | 6.1.0.145 |
| wso2 | wso2_identity_server | >= 7.0.0 < 7.0.0.30 | 7.0.0.30 |
| wso2 | wso2_identity_server_as_key_manager | >= 5.10.0 < 5.10.0.298 | 5.10.0.298 |
| wso2 | wso2_open_banking_am | >= 2.0.0 < 2.0.0.308 | 2.0.0.308 |
| wso2 | wso2_open_banking_iam | >= 2.0.0 < 2.0.0.327 | 2.0.0.327 |
GHSA
WSO2 is vulnerable to Open Redirect through multi-option URL in its authentication endpoint
ghsa · 2025-06-02
CVE-2024-1440 [MEDIUM] CWE-601 (URL Redirection to Untrusted Site)
OSV
WSO2 is vulnerable to Open Redirect through multi-option URL in its authentication endpoint
osv · 2025-06-02
CVE-2024-1440 [MEDIUM]
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2025-06-02