Multiple Open Redirect in nitely/spirit
Reported on
Feb 21st 2022
Description
The /user/login endpoint does not check the value of the next parameter when the user is already logged in and passes it directly to redirect, which results in an open redirect. The same bug exists in /user/logout, /user/register, /user/login, and /user/resend-activation.
Proof of Concept
1. Go to http://127.0.0.1:8000/user/login/?next=https://evil.com
Impact
This bug results in an open redirect.
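Validating the `next` value before redirecting is the fix for this class of bug. The following is an added example, not Spirit's code or the code from its fix; the `resolve_next` helper and the allowed-host set are assumptions, and the checks mirror what Django's `url_has_allowed_host_and_scheme()` enforces, written with `urllib` so it runs without Django installed:

```python
from urllib.parse import urlparse


def is_safe_redirect(url: str, allowed_hosts: set, require_https: bool = False) -> bool:
    """Return True only if `url` is a relative path or points at one of allowed_hosts.

    Hypothetical helper (not Spirit's own); allowed_hosts holds 'host[:port]' strings.
    """
    if not url:
        return False
    url = url.strip()
    # Browsers turn backslashes into slashes and collapse '///', so '/\\evil.com'
    # and '///evil.com' would become scheme-relative links to another host.
    if url.startswith("///") or "\\" in url:
        return False
    # Leading control characters are stripped by browsers and can hide a scheme.
    if any(ord(c) < 0x20 for c in url):
        return False
    parsed = urlparse(url)
    # 'javascript:alert(1)' parses as a scheme with no host: never a page to return to.
    if parsed.scheme and not parsed.netloc:
        return False
    if parsed.scheme and parsed.scheme not in {"http", "https"}:
        return False
    if require_https and parsed.scheme == "http":
        return False
    # '//evil.com' has an empty scheme but a netloc; only our own hosts may pass.
    if parsed.netloc and parsed.netloc not in allowed_hosts:
        return False
    return True


def resolve_next(next_param, allowed_hosts: set, default: str = "/") -> str:
    """Use `next` as the redirect target only if it is safe, else fall back to `default`."""
    if next_param is not None and is_safe_redirect(next_param, allowed_hosts):
        return next_param
    return default


if __name__ == "__main__":
    # Constructed sample: the report's PoC value against the local dev host.
    hosts = {"127.0.0.1:8000"}
    print(resolve_next("https://evil.com", hosts))          # -> /
    print(resolve_next("/topic/1/", hosts))                 # -> /topic/1/
    print(resolve_next("http://127.0.0.1:8000/user/", hosts))  # -> http://127.0.0.1:8000/user/
```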
I fixed this (https://github.com/nitely/Spirit/pull/308), thanks for reporting
Awesome, thanks. Hi @admin, could I request a CVE for this bug?
Once the fix has been confirmed, and if the maintainer is happy for one to be assigned, we will go ahead and publish a CVE.
@maintainer - could you please confirm the fix and let us know if you are happy to assign a CVE for this report?
Hi -- done. You can assign a CVE if you want. Thanks again!