exploitDog

CVE-2024-8021

Опубликовано: 20 мар. 2025

Источник: nvd

CVSS3: 5.4

CVSS3: 6.1

EPSS Низкий

Описание

An open redirect vulnerability exists in the latest version of gradio-app/gradio. The vulnerability allows an attacker to redirect users to a malicious website by URL encoding. This can be exploited by sending a crafted request to the application, which results in a 302 redirect to an attacker-controlled site.

Ссылки

https://huntr.com/bounties/adc23067-ec04-47ef-9265-afd452071888
Exploit
Third Party Advisory
https://huntr.com/bounties/adc23067-ec04-47ef-9265-afd452071888
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gradio_project:gradio:-:*:*:*:*:python:*:*

EPSS

Процентиль: 85%

0.02682

Низкий

5.4 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-601

Связанные уязвимости

GHSA-7v2w-h4gh-w5cv

CVSS3: 5.4

github

11 месяцев назад

Gradio Vulnerable to Open Redirect

EPSS

Процентиль: 85%

0.02682

Низкий

5.4 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-601