CVE-2021-4260: URL Redirection to Untrusted Site ('Open Redirect')

December 19, 2022

A vulnerability was found in oils-js. It has been declared as critical. This vulnerability affects unknown code of the file core/Web.js. The manipulation leads to open redirect. The attack can be initiated remotely. The name of the patch is fad8fbae824a7d367dacb90d56cb02c5cb999d42. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216268.

References

github.com/advisories/GHSA-v279-v2xm-whq9
github.com/mannyvergel/oils-js/commit/fad8fbae824a7d367dacb90d56cb02c5cb999d42
nvd.nist.gov/vuln/detail/CVE-2021-4260
vuldb.com/?id.216268
web.archive.org/web/20211204010604/https://www.npmjs.com/package/oils

Code Behaviors & Features

Detect and mitigate CVE-2021-4260 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →