CVE-2023-22298: pgAdmin 4 Open Redirect vulnerability
An open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having the user access a specially crafted URL.
References
- github.com/advisories/GHSA-894c-rg7f-3c62
- github.com/pgadmin-org/pgadmin4
- github.com/pgadmin-org/pgadmin4/issues/5343
- jvn.jp/en/jp/JVN03832974/index.html
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHY2B25YHIIFQ3G44TR7NNEST7FJGJPH
- nvd.nist.gov/vuln/detail/CVE-2023-22298
- www.pgadmin.org/