CVE-2020-15233 MEDIUM

CVE-2020-15233: OAuth2 Redirect URL validity does not respect query parameters and character casing for loopback addresses

Vendor Ory

Product fosite

Weakness CWE-20 · Input validation

Published October 2, 2020

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

6.1/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction Required

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N

What the vulnerability does

01Description

ORY Fosite is a security first OAuth2 & OpenID Connect framework for Go. In Fosite from version 0.30.2 and before version 0.34.1, there is an issue in which an an attacker can override the registered redirect URL by performing an OAuth flow and requesting a redirect URL that is to the loopback adapter. Attackers can provide both custom URL query parameters to their loopback redirect URL, as well as actually overriding the host of the registered redirect URL. These attacks are only applicable in scenarios where the attacker has access over the loopback interface. This vulnerability has been patched in ORY Fosite v0.34.1.

Key dates

02Disclosure timeline

October 2, 2020 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-15233 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

CVE-2020-15233: OAuth2 Redirect URL validity does not respect query parameters and character casing for loopback addresses

01Description

02Disclosure timeline

03References

04Related CVE