| عنوان | kanwangzjm funiture master branch Open Redirect |
|---|
| الوصف | In the project funiture, the endpoint /login.do and /user/login.page lack validation for the redirect URL.
The application trusts user-controlled input for redirect targets (HttpServletRequest parameter 'ret') may redirect victims to attacker-controlled domains, facilitating phishing or social engineering attacks.
Project Link: https://github.com/kanwangzjm/funiture
Affected Version: master branch
Affected API: /login.do and /user/login.page
Code Location: /funiture-master/src/main/java/com/app/mvc/acl/servlet/LoginServlet.java:32 and /funiture-master/src/main/java/com/app/mvc/acl/controller/UserController.java:25 |
|---|
| المصدر | ⚠️ https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250510-01.md |
|---|
| المستخدم | ShenxiuSecurity (UID 84374) |
|---|
| ارسال | 10/05/2025 02:21 AM (1 سنة منذ) |
|---|
| الاعتدال | 16/05/2025 04:37 PM (7 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 309306 [kanwangzjm Funiture حتى 71ca0fb0658b3d839d9e049ac36429207f05329b Login LoginServlet.java doPost ret Redirect] |
|---|
| النقاط | 20 |
|---|