CVE-2021-23435
URL Redirection to Untrusted Site (Open Redirect) in gem/clearance
Identifiers
CVE-2021-23435
Package Slug
gem/clearance
Vulnerability
URL Redirection to Untrusted Site (Open Redirect)
Description
This affects the package clearance The vulnerability can be possible when users are able to set the value of session[:return_to].
Affected Versions
All versions before 2.5.0
Solution
Upgrade to version 2.5.0 or above.
Last Modified
2021-09-24
| source |