The "next" parameter is used here and there in the Dashboard.
http://10.122.185.2/auth/login/?next=http://www.heise.de
Redirects to www.heise.de.
Instead of redirecting to heise, an attacker can redirect to a cloned Dashboard to steal information, a so-called phishing attack.
CWE-601: URL Redirection to Untrusted Site ('Open Redirect') http://cwe.mitre.org/data/definitions/601.html
We had an equal issue in SUSE Manager / Spacewalk: https://bugzilla.redhat.com/show_bug.cgi?id=672167
Folsom seems to be safe, but it affects Essex.
https://github.com/gabrielhurley/django_openstack_auth/pull/7
The solution was that the string has to start with "/" (so no URL scheme is allowed) AFAIR.
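The validation rule described above (accept "next" only when it is a local path, so no URL scheme can smuggle in an external host) as an added example; this is not code from the bug report, from Horizon or from django_openstack_auth. It assumes a hypothetical helper `safe_next()` that the login view would call before issuing its redirect, and it also covers the check a practitioner wants beyond the bare "starts with /" rule: a value beginning with two slashes is a scheme-relative URL that browsers resolve to another host, and a backslash is treated like a slash by some browsers, so both are rejected as well. All inputs in the test are constructed.

```python
from urllib.parse import urlsplit

# Hypothetical helper for the post-login redirect; not the project's own code.
DEFAULT_NEXT = "/"


def safe_next(next_param, default=DEFAULT_NEXT):
    """Return next_param if it is a local path, otherwise the default.

    Only a path that starts with a single "/" and carries no scheme and no
    host is accepted, so neither "http://www.heise.de" nor the
    scheme-relative "//www.heise.de" can steer the redirect off the Dashboard.
    """
    if not next_param:
        return default

    # Whitespace and control characters are stripped by some URL parsers
    # before the scheme is interpreted, so refuse them outright.
    if any(c.isspace() or ord(c) < 0x20 for c in next_param):
        return default

    # Several browsers treat "\" like "/", which would turn "/\host" into a
    # scheme-relative URL; a local dashboard path never needs a backslash.
    if "\\" in next_param:
        return default

    parts = urlsplit(next_param)
    if parts.scheme or parts.netloc:
        # Absolute URL ("http://...") or scheme-relative URL ("//host/...").
        return default

    # Must be a path, and "//" or "///" would still be host-relative to a
    # browser even when urlsplit reports an empty netloc.
    if not next_param.startswith("/") or next_param.startswith("//"):
        return default

    return next_param


if __name__ == "__main__":
    # Constructed sample values, mirroring the report's example.
    for candidate in ("/project/instances/", "http://www.heise.de",
                      "//www.heise.de", "/\\www.heise.de", "www.heise.de"):
        print(repr(candidate), "->", safe_next(candidate))
```

In the view, the call is `redirect(safe_next(request.GET.get("next")))` rather than redirecting to the raw parameter. Current Django ships the equivalent check as `django.utils.http.url_has_allowed_host_and_scheme()` (formerly `is_safe_url()`), which additionally lets you whitelist your own host names; the hand-written version above is only here to make the rule from the report explicit.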