Open Redirect via URL Encoding
An open redirect vulnerability was discovered in the latest version of the software, allowing attackers to redirect users to malicious websites. This issue was reported on July 3, 2024, and has not yet been patched.
Available publicly on Oct 01 2024
Remediation Steps
- Validate and sanitize all user input to ensure it does not contain malicious URLs.
- Implement a whitelist of allowed URLs for redirection.
- Update the software to the latest version once a patch is available.
- Educate users about the risks of clicking on unknown or suspicious links.
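One way to implement the input-validation and allowlist steps above for a redirect parameter that may arrive URL-encoded, as an added example (not the vendor's patch or code from the affected software). The host names in `ALLOWED_HOSTS`, the fallback path and the function names are assumptions made for illustration.

```python
from urllib.parse import unquote, urlsplit

# Hypothetical allowlist for this example; a real deployment lists its own hosts.
ALLOWED_HOSTS = {"app.example.com", "login.example.com"}
FALLBACK = "/"


def fully_decode(value, max_rounds=5):
    """Percent-decode until the value stops changing, so %252F cannot hide a slash."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            return value
        value = decoded
    raise ValueError("too many encoding layers")


def safe_redirect_target(raw, allowed_hosts=ALLOWED_HOSTS, fallback=FALLBACK):
    """Return the decoded redirect target if it is safe to send, else the fallback."""
    try:
        target = fully_decode(raw or "")
        parts = urlsplit(target)
        host = parts.hostname  # lower-cased by urlsplit; may raise on bad input
    except ValueError:
        return fallback
    # Reject control characters, padding whitespace and backslashes, which
    # browsers normalise differently from urlsplit.
    if (not target or target != target.strip() or "\\" in target
            or any(ord(c) < 0x20 or ord(c) == 0x7F for c in target)):
        return fallback
    if parts.scheme or parts.netloc:
        # Anything with a scheme or authority must be http(s) to an exactly
        # matching allowlisted host, with no userinfo component.
        if (parts.scheme in ("http", "https") and host in allowed_hosts
                and "@" not in parts.netloc):
            return target
        return fallback
    # Relative target: accept only a single-slash local path.
    if target.startswith("/") and not target.startswith("//"):
        return target
    return fallback
```

The check runs on the fully decoded value and returns that same value, so the string that was validated is the string placed in the `Location` header.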
Patch Details
- Fixed Version: N/A
- Patch Commit: N/A