Open Redirection Allowed

Issue date: 15-01-2020
Affects versions: 13.4, 13.3, 12.5, 11.2

Issue ID

SECURITY-131

Affected Product Version(s)

13.4.0, 12.6.7, 11.2.16 (and previous minor and patch releases)

Severity

Low

Description

Open redirection is allowed on the affected application, which allows a malicious individual to perform social engineering attacks (i.e. phishing). The redirection is done after entering valid credentials to access the application.

Steps to Reproduce:

Open a web browser and access the following URL: https://<server>/site/login/form
While intercepting traffic with an internet proxy, submit valid credentials.
Observe the parameter ‘destination’ on the body of the request, it indicates the destination upon successful login, which can be altered by modifying its value.

Instructions

Every customer is advised to upgrade as soon as possible to the latest maintenance release as indicated above, or higher. This can be done by simply incrementing the version number of the parent POM for the implementation project.

Content Application

Channels

Projects

Relevance

Architecture

Concepts

Platform Configuration

Frontend Integration

Backend Development

Commerce Accelerator

Cloud Deployment (PaaS)

On-Premise Deployment

Security

Release Management

Platform Development

Bloomreach Documentation version

Open Redirection Allowed