Vulnerability identifier: #VU16615
Vulnerability risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-601
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Symfony
Web applications /
CMS
Vendor: SensioLabs
Description
The vulnerability allows a remote unauthenticated attacker to redirect the target user to external websites.
The weakness exists due to improper sanitization of user-supplied data. A remote attacker can use backslashes in the `_failure_path` input field of login forms, work around the redirection target restrictions and effectively redirect the user to any domain after login.
Mitigation
The vulnerability has been fixed in the versions 2.7.50, 2.8.49, 3.4.20, 4.0.15, 4.1.9 and 4.2.1.
Vulnerable software versions
Symfony: 2.7.0 - 4.2.0
External links
http://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.