GMS-2023-57: Open Redirect Vulnerability in Action Pack

January 18, 2023

This is a duplicate of /gem/actionpack/CVE-2023-22797.yml. There is a vulnerability in Action Controller’s redirect_to. There is a possible open redirect when using the redirect_to helper with untrusted user input. Vulnerable code will look like this: redirect_to(params[:some_param]). Rails 7.0 introduced protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could be bypassed by a carefully crafted URL.

References

github.com/advisories/GHSA-9445-4cr6-336r
github.com/rails/rails/releases/tag/v7.0.4.1

Detect and mitigate GMS-2023-57 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →