Lucene search
GoogleOSV:CVE-2021-23435HistorySep 12, 2021 - 8:15 p.m.
CVE-2021-23435
2021-09-1220:15:07
Google
osv.dev
7
This affects the package clearance before 2.5.0. The vulnerability can be possible when users are able to set the value of session[:return_to]. If the value used for return_to contains multiple leading slashes (/////example.com) the user ends up being redirected to the external domain that comes after the slashes (http://example.com).
Related
prion
prion
Design/Logic Flaw
2021-09-12 20:15:00
cvelist
cvelist
CVE-2021-23435 Open Redirect
2021-09-12 00:00:00
nvd
nvd
CVE-2021-23435
2021-09-12 20:15:07
cve
cve
CVE-2021-23435
2021-09-12 20:15:07
veracode
veracode
Open Redirect
2021-09-13 04:46:29
osv
osv
Clearance Gem Open Redirect Vulnerability
2021-09-13 20:05:09
huntr
huntr
Prototype Pollution in jonschlinkert/set-value
2021-08-30 09:41:30
github
github
Clearance Gem Open Redirect Vulnerability
2021-09-13 20:05:09
thn
thn
Researchers Find Bugs in Over A Dozen Widely Used URL Parser Libraries
2022-01-10 14:35:00
threatpost
threatpost
URL Parsing-Library Bugs Allow DoS, RCE, Spoofing & More
2022-01-10 17:55:00