| Title | KoaJS Koa <=3.0.0 commit cb22d8dc Open Redirect |
|---|---|
| Description | In the latest version of Koa (<=3.0.0 commit cb22d8dc), the back method used for redirect operations adopts an insecure implementation, which uses the user-controllable referrer header as the redirect target. |
| Source | https://github.com/koajs/koa/issues/1892 |
| User | ZAST.AI (UID 87884) |
| Submission | 21.07.2025 11:47 (11 months ago) |
| Moderation | 24.07.2025 17:24 (3 days later) |
| Status | Accepted |
| VulDB Entry | 317514 [KoaJS Koa up to 3.0.0 HTTP Header lib/response.js back Referrer Redirect] |
| Points | 17 |