CVE-2021-32645: URL Redirection to Untrusted Site (Open Redirect)

May 27, 2021 (updated June 8, 2021)

Tenancy multi-tenant is an open source multi-domain controller for the Laravel web framework. In some situations, it is possible to have open redirects where users can be redirected from your site to any other site using a specially crafted URL. This is only the case for installations where the default Hostname Identification is used and the environment uses tenants that have force_https set to true (the default is false).

References

nvd.nist.gov/vuln/detail/CVE-2021-32645

Detect and mitigate CVE-2021-32645 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →