Multiple Open Redirect in nitely/spirit
Valid
Reported on Feb 21st 2022
Description
In the /user/login endpoint, the value of the `next` parameter is not checked when the user is logged in; it is passed directly to redirect, which results in an open redirect. The bug also exists in /user/logout, /user/register, /user/login and /user/resend-activation.
Proof of Concept
1. Go to http://127.0.0.1:8000/user/login/?next=https://evil.com
Impact
This bug results in an open redirect.
We are processing your report and will contact the nitely/spirit team within 24 hours.
noobexploiterhuntrdev modified the report
We created a GitHub Issue asking the maintainers to create a SECURITY.md
We have contacted a member of the nitely/spirit team and are waiting to hear back
I fixed this (https://github.com/nitely/Spirit/pull/308), thanks for reporting
Awesome, thanks. Hi @admin, could I request a CVE for this bug?
Once the fix has been confirmed, and if the maintainer is happy for one to be assigned, we will go ahead and publish a CVE.
@maintainer - could you please confirm the fix and let us know if you are happy to assign a CVE for this report?
We have sent a fix follow up to the nitely/spirit team. We will try again in 7 days.
We have sent a second fix follow up to the nitely/spirit team. We will try again in 10 days.
views.py#L76 has been validated
views.py#L65 has been validated
views.py#L138 has been validated
views.py#L96 has been validated