Описание
GHSL-2024-288: SickChill open redirect in login
SickChill is an automatic video library manager for TV shows. A user-controlled login endpoint's next_ parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82, an authenticated attacker may use this to redirect the user to arbitrary destinations, leading to open redirect. Commit c7128a8946c3701df95c285810eb75b2de18bf82 changes the login page to redirect to settings.DEFAULT_PAGE instead of to the next parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-53995
- https://github.com/SickChill/sickchill/pull/8811
- https://github.com/SickChill/sickchill/commit/c7128a8946c3701df95c285810eb75b2de18bf82
- https://github.com/SickChill/sickchill/blob/846adafdfab579281353ea08a27bbb813f9a9872/sickchill/views/authentication.py#L33
- https://securitylab.github.com/advisories/GHSL-2024-283_GHSL-2024-291_sickchill_sickchill
Пакеты
sickchill
<= 2024.3.1
Отсутствует
Связанные уязвимости
SickChill is an automatic video library manager for TV shows. A user-controlled `login` endpoint's `next_` parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82, an authenticated attacker may use this to redirect the user to arbitrary destinations, leading to open redirect. Commit c7128a8946c3701df95c285810eb75b2de18bf82 changes the login page to redirect to `settings.DEFAULT_PAGE` instead of to the `next` parameter.