You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@helix.apache.org by Junkai Xue <jx...@apache.org> on 2022/12/16 22:38:23 UTC

CVE-2022-47500: Apache Helix: Open redirect

Severity: low

Description:

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache Software Foundation Apache Helix UI component.This issue affects Apache Helix all releases from 0.8.0 to 1.0.4.



Solution: removed the the forward component since it was improper designed for UI embedding.

 User please upgrade to 1.1.0 to fix this issue.

Credit:

This issue was discovered by Everardo Padilla Saca (reporter)

References:

https://helix.apache.org/
https://www.cve.org/CVERecord?id=CVE-2022-47500