You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@helix.apache.org by Junkai Xue <jx...@apache.org> on 2022/12/16 22:38:23 UTC
CVE-2022-47500: Apache Helix: Open redirect
Severity: low
Description:
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache Software Foundation Apache Helix UI component.This issue affects Apache Helix all releases from 0.8.0 to 1.0.4.
Solution: removed the the forward component since it was improper designed for UI embedding.
User please upgrade to 1.1.0 to fix this issue.
Credit:
This issue was discovered by Everardo Padilla Saca (reporter)
References:
https://helix.apache.org/
https://www.cve.org/CVERecord?id=CVE-2022-47500