[MAGNOLIA-7167] Open Redirect Vulnerabilities Created: 28/Sep/17 Updated: 15/Jun/21 Resolved: 15/Jun/21 |
|
| Status: | Closed |
| Project: | Magnolia |
| Component/s: | security |
| Affects Version/s: | 5.4.11 |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Critical |
| Reporter: | Philipp Bärfuss | Assignee: | Unassigned |
| Resolution: | Duplicate | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Template: |
|
||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||||||||||
| Bug DoR: |
[ ]*
Steps to reproduce, expected, and actual results filled
[ ]*
Affected version filled
|
||||||||||||||||
| Date of First Response: | |||||||||||||||||
| Description |
|
In MAGNOLIA-5991 the option to do a GET login with additional parameters were removed to avoid malicious links. But there are valid use cases for redirects after logins and this was addressed in Example Link: http://localhost:8080/konto?mgnlReturnTo=http%3A%2F%2Fexample.com%2Fnext More on the topic: https://www.trustwave.com/Resources/SpiderLabs-Blog/Understanding-and-Discovering-Open-Redirect-Vulnerabilities/ A solution would be to keep the support for mglnReturnTo but maintain a white list of allowed urls and parameter names. |
| Comments |
| Comment by Federico Grilli [ 15/Jun/21 ] |
|
Solved by MAGNOLIA-7915 |