| Title | GLPI-Project GLPI 10.0.17 Open Redirect |
|---|
| Description | Summary
The endpoint blackgate.us1.glpi-network.cloud/index.php?redirect=/%5Cblackgate.us1.glpi-network.cloud%40bxss.me is potentially vulnerable to URL redirection attacks. This vulnerability allows attackers to redirect users to malicious websites, which can be used for phishing attacks.
Details
The vulnerability lies in the way the endpoint handles URL redirection. By manipulating the redirect parameter, an attacker can redirect users to an arbitrary URL. This can be exploited by crafting a URL that appears to be legitimate but redirects to a malicious site.
Example of the vulnerable code:
// Example code snippet
$redirect_url = $_GET['redirect'];
header("Location: $redirect_url");
exit();
PoC
To reproduce the vulnerability, follow these steps:
Navigate to the vulnerable endpoint: blackgate.us1.glpi-network.cloud/index.php?redirect=/%5Cblackgate.us1.glpi-network.cloud%40bxss.me
Observe that the user is redirected to the specified URL in the redirect parameter.
Impact
This is a URL redirection vulnerability, which can be exploited for phishing attacks. Any user who clicks on a maliciously crafted link can be redirected to a phishing site, potentially compromising their personal information. |
|---|
| Source | ⚠️ https://github.com/glpi-project/glpi/security/advisories/GHSA-g5fm-jq4j-c2c7 |
|---|
| User | Anonymous User |
|---|
| Submission | 11/25/2024 10:28 AM (5 months ago) |
|---|
| Moderation | 02/25/2025 04:07 PM (3 months later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 296809 [GLPI up to 10.0.17 /index.php redirect] |
|---|
| Points | 20 |
|---|