CVE-2022-47500: URL Redirection to Untrusted Site ('Open Redirect')

December 19, 2022

URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability in Apache Software Foundation Apache Helix UI component.This issue affects Apache Helix all releases from 0.8.0 to 1.0.4. Solution: removed the the forward component since it was improper designed for UI embedding. User please upgrade to 1.1.0 to fix this issue.

References

github.com/advisories/GHSA-mhxg-2xf7-4xwx
lists.apache.org/thread/lr74xtxxbb1t3dfn5qzzwl2xjr3qlbmh
nvd.nist.gov/vuln/detail/CVE-2022-47500

Detect and mitigate CVE-2022-47500 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →