提交 #50339: Open Redirect in apinto-dashboard <= v1.1.0-beta via /login?callback信息

标题Open Redirect in apinto-dashboard <= v1.1.0-beta via /login?callback
描述repo: https://github.com/eolinker/apinto-dashboard 1,Download and unzip the installation package Apinto 2,Start gateway 3,Download and unzip the installation package Apinto Dashboard 4,Start Apinto Dashboard ```bash wget https://github.com/eolinker/apinto/releases/download/v0.8.0/apinto-v0.8.0.linux.x64.tar.gz && tar -zxvf apinto-v0.8.0.linux.x64.tar.gz && cd apinto ./apinto start cd .. wget https://github.com/eolinker/apinto-dashboard/releases/download/v1.1.0-beta/apinto-dashboard-v1.1.0-beta.linux.x64.tar.gz && tar -zxvf apinto-dashboard-v1.1.0-beta.linux.x64.tar.gz && cd apinto-dashboard ./apinto-dashboard ``` open /login?callback=//www.qq.com ![](https://c2.im5i.com/2022/11/01/Xr2UG.png) ![](https://c2.im5i.com/2022/11/01/Xrny6.png) login and then website jump to www.qq.com ![](https://c2.im5i.com/2022/11/01/XrYF5.png)
用户
 Tomy (UID 34751)
提交2022-11-01 12時03分 (4 年前)
管理2022-11-01 16時35分 (5 hours later)
状态已接受
VulDB条目212633 [eolinker apinto-dashboard /login callback Redirect]
积分17

上一步一览下一步

Want to know what is going to be exploited?

We predict KEV entries!