CVE-2021-22942

URL Redirection to Untrusted Site ('Open Redirect') in gem/rails

Identifiers

CVE-2021-22942

Package Slug

gem/rails

Vulnerability

URL Redirection to Untrusted Site ('Open Redirect')

Description

A possible open redirect vulnerability exists in the Host Authorization middleware in Action Pack. It could allow attackers to redirect users to a malicious website.

Affected Versions

All versions starting from 6.0.0 before 6.0.4.1, all versions starting from 6.1.0 before 6.1.4.1

Solution

Upgrade to versions 6.0.4.1, 6.1.4.1 or above.

Last Modified

2021-10-22
