Thursday, 10 September 2015

Web2py 2.9.11 Open Redirection Vulnerability , CVE-2015-6961

Web2py Open Redirection Vulnerability Technical Details & POC.

# Vulnerability Title : Web2py 2.9.11 Open Redirection Vulnerability
# Reported Date       : 27-Jan-2014
# Fixed Date          : 2-July-2015
# Author              : Narendra Bhati
# CVE ID              : CVE-2015-6961
# Additional Links    –

1. Description

Web2py 2.9.11, a Python-based web framework, was vulnerable to an open redirection vulnerability.

The logout page "" is vulnerable to open redirection.

We can enter any external URL in the "_next" GET parameter. Whenever a user accesses this URL, they are redirected to the external site (the attacker's site). Authentication is not required to exploit this.

This can be exploited only if we have admin panel credentials.

Vulnerable URL

Vulnerable Parameter

2. Proof of Concept

Solution For Web2py Open Redirection Vulnerability

Update to latest version ;)
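For readers maintaining their own apps, this is the kind of check a fix for a "_next"-style redirect parameter needs. It is an added example, not web2py's own code; the host name, the fallback landing path and the sample inputs are all constructed for illustration.

```python
# Added example (not web2py's own code): a defensive check for a "_next"
# style redirect parameter. Only same-site targets are accepted; anything
# that could leave the site falls back to a default landing path.
from urllib.parse import urlsplit, urlunsplit

DEFAULT_LANDING = "/default/index"  # assumed fallback path


def safe_next(next_value, own_host="example.com"):
    """Return a redirect target that stays on own_host (constructed host name).

    Absolute URLs on other hosts, scheme-relative targets (//host),
    backslash variants and non-https schemes are replaced by DEFAULT_LANDING.
    """
    if not next_value:
        return DEFAULT_LANDING
    # Browsers treat backslashes like forward slashes in URLs, so normalise
    # them before parsing to stop "/\evil.example" slipping through.
    candidate = next_value.replace("\\", "/")
    # Control characters and whitespace have no place in a redirect target.
    if any(ord(c) < 0x20 or c.isspace() for c in candidate):
        return DEFAULT_LANDING
    parts = urlsplit(candidate)
    if parts.scheme or parts.netloc:
        # Absolute URL: allow only https on our own host.
        if parts.scheme != "https" or parts.netloc.lower() != own_host:
            return DEFAULT_LANDING
        # Strip the origin so the redirect is emitted as a relative path.
        candidate = urlunsplit(("", "", parts.path or "/", parts.query, parts.fragment))
    # A relative target must start with exactly one slash.
    if not candidate.startswith("/") or candidate.startswith("//"):
        return DEFAULT_LANDING
    return candidate


# Constructed sample values as an attacker-controlled "_next" might arrive.
SAMPLES = {
    "/default/index": "/default/index",
    "/appadmin?x=1": "/appadmin?x=1",
    "//evil.example/phish": DEFAULT_LANDING,
    "http://evil.example/": DEFAULT_LANDING,
    "https://example.com/welcome": "/welcome",
    "/\\evil.example": DEFAULT_LANDING,
    "javascript:alert(1)": DEFAULT_LANDING,
}

if __name__ == "__main__":
    for raw, expected in SAMPLES.items():
        print(f"{raw!r:32} -> {safe_next(raw)!r}")
        assert safe_next(raw) == expected
```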
