CVE-2021-23435
HIGHclearance < 2.5.0 - Open Redirect via Session Return To Parameter
Title source: llmDescription
This affects the package clearance before 2.5.0. The vulnerability can be possible when users are able to set the value of session[:return_to]. If the value used for return_to contains multiple leading slashes (/////example.com) the user ends up being redirected to the external domain that comes after the slashes (http://example.com).
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
https://snyk.io/vuln/SNYK-RUBY-CLEARANCE-1577284
Patch, Third Party Advisory x_refsource_misc
https://github.com/thoughtbot/clearance/pull/945
Scores
CVSS v3
7.6
EPSS
0.0028
EPSS Percentile
51.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
Details
CWE
CWE-601
Status
published
Products (2)
rubygems/clearance
0 - 2.5.0RubyGems
thoughtbot/clearance
< 2.5.0
Published
Sep 12, 2021
Tracked Since
Feb 18, 2026