MEDIUM 6.1

GHSA-894c-rg7f-3c62

pgAdmin 4 Open Redirect vulnerability

상세

Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

PyPI / pgadmin4

최초 영향 버전: 0 수정 버전: 6.14

수정 pip install --upgrade 'pgadmin4>=6.14'

참고

https://nvd.nist.gov/vuln/detail/CVE-2023-22298 [ADVISORY]
https://github.com/pgadmin-org/pgadmin4/issues/5343 [WEB]
https://github.com/pgadmin-org/pgadmin4 [PACKAGE]
https://jvn.jp/en/jp/JVN03832974/index.html [WEB]
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHY2B25YHIIFQ3G44TR7NNEST7FJGJPH [WEB]
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHY2B25YHIIFQ3G44TR7NNEST7FJGJPH [WEB]
https://www.pgadmin.org [WEB]