Ville Brofeldt created SUPERSET-22:
--------------------------------------
Summary: Superset security issue - Redirect vulnerability
2022-02-14
Key: SUPERSET-22
URL: https://issues.apache.org/jira/browse/SUPERSET-22
Project: Superset
Issue Type: Task
Reporter: Ville Brofeldt
Email thread: [https://lists.apache.org/thread/o378k65nskf0f6l3o85gfrsmvtgtdmfm]
Hi, I have come across an open redirect vulnerability in the latest Apache Superset
version (1.4.1). It allows redirects not just to http and https schemes, but
also to arbitrary protocols like `ftp`. PoC:
https://superset_url/login/?next=https://any_malicious_domain.com
https://superset_url/login/?next=ftp://any_malicious_domain.com
In some older browsers, it might also be possible to convert it into an XSS using
the `javascript:` prefix for scheme specification. Though not critical, this should
not be allowed as it can be leveraged in different attacks including phishing.
Please review! Thanks!
--
This message was sent by Atlassian Jira
(v8.20.1#820001)