CVE-2021-22942
gem/rails
URL Redirection to Untrusted Site ('Open Redirect')
A possible open redirect vulnerability in the Host Authorization middleware in Action Pack that could allow attackers to redirect users to a malicious website.
All versions starting from 6.0.0 before 6.0.4.1, all versions starting from 6.1.0 before 6.1.4.1
Upgrade to versions 6.0.4.1, 6.1.4.1 or above.
2021-10-22
source |