Medium

fastchat

Open Redirect Vulnerability

An open redirect vulnerability was found in Release v0.2.36 of the software, allowing unauthenticated attackers to redirect users to arbitrary websites via a specially crafted URL. The issue has not yet been patched.

Available publicly on Dec 30 2024

CVSS: 6.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Credit: mnqazi

Remediation Steps
  1. Validate and sanitize all user-controlled input used in URL redirections.
  2. Implement a whitelist of allowed URLs for redirection.
  3. Update the software to a version that includes these security measures.
  4. Educate users about the risks of clicking on untrusted links.
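
Remediation steps 1 and 2 as one check, written here as an added example: it is not FastChat's code and not part of the advisory. The function name `safe_redirect_target` and the hosts in `ALLOWED_HOSTS` are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Constructed allow-list for illustration: use the hosts your deployment owns.
ALLOWED_HOSTS = frozenset({"chat.example.org", "docs.example.org"})
DEFAULT_TARGET = "/"


def safe_redirect_target(raw, allowed_hosts=ALLOWED_HOSTS, default=DEFAULT_TARGET):
    """Return raw if it is a same-site path or an https URL on an
    allow-listed host; otherwise return the fixed default."""
    if not isinstance(raw, str) or not raw:
        return default
    # Browsers strip whitespace/control characters and treat "\" as "/",
    # so a value containing any of them is rejected instead of normalized.
    if any(c == "\\" or ord(c) <= 0x20 or ord(c) == 0x7F for c in raw):
        return default
    try:
        parts = urlsplit(raw)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return default
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only a rooted path. "//host" and
        # "///host" are refused because browsers read them as another site.
        return raw if raw.startswith("/") and not raw.startswith("//") else default
    if parts.scheme != "https" or port not in (None, 443):
        return default
    if parts.username is not None or parts.password is not None:
        return default  # "https://trusted@other-host/" style userinfo
    # Exact host match: suffix or substring checks admit look-alike domains.
    host = (parts.hostname or "").lower()
    return raw if host in allowed_hosts else default


if __name__ == "__main__":
    # Constructed inputs, one per bypass class the checks above cover.
    for candidate in ["/settings?tab=1", "https://docs.example.org/guide",
                      "//attacker.example/", "/\\attacker.example",
                      "https://chat.example.org@attacker.example/",
                      "https://chat.example.org.attacker.example/",
                      "javascript:alert(1)"]:
        print(f"{candidate!r:50} -> {safe_redirect_target(candidate)!r}")
```

Call the function at the point where the redirect response is built, so every code path that issues a redirect passes through the same check.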
Patch Details
  • Fixed Version: N/A
  • Patch Commit: N/A