An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provided malicious URL.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2020/12/08/2 | Mailing List Patch Third Party Advisory |
https://bugs.launchpad.net/horizon/+bug/1865026 | Exploit Issue Tracking Third Party Advisory |
https://review.opendev.org/c/openstack/horizon/+/758841/ | Patch Third Party Advisory |
https://review.opendev.org/c/openstack/horizon/+/758843/ | Patch Third Party Advisory |
https://security.openstack.org/ossa/OSSA-2020-008.html | Patch Vendor Advisory |
https://www.debian.org/security/2020/dsa-4820 | Third Party Advisory |
Configurations
History
09 Mar 2021, 15:08
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://bugs.launchpad.net/horizon/+bug/1865026 - Exploit, Issue Tracking, Third Party Advisory | |
References | (MISC) https://review.opendev.org/c/openstack/horizon/+/758843/ - Patch, Third Party Advisory | |
References | (CONFIRM) https://security.openstack.org/ossa/OSSA-2020-008.html - Patch, Vendor Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2020/12/08/2 - Mailing List, Patch, Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2020/dsa-4820 - Third Party Advisory | |
References | (MISC) https://review.opendev.org/c/openstack/horizon/+/758841/ - Patch, Third Party Advisory | |
CPE | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* |
28 Dec 2020, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2020-12-04 08:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-29565
Mitre link : CVE-2020-29565
CVE.ORG link : CVE-2020-29565
JSON object : View
Products Affected
debian
- debian_linux
openstack
- horizon
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')