Mauro Eldritch

Rank #50399 of 53,633
Total CVSS: 4.7
Vulnerabilities: 1
PT-2019-12541
4.7
2019-06-10
Rancher · Rancher · CVE-2019-11881
**Name of the Vulnerable Software and Affected Versions**

Rancher versions prior to 2.2.4
Rancher version 2.1.4

**Description**

A vulnerability exists in the login component of Rancher: the `errorMsg` parameter can be tampered with to display arbitrary content. HTML tags are filtered from the parameter, but special characters and symbols are not, so the remaining text is shown to the user as a login error message in attacker-chosen wording. An attacker who gets a legitimate user to open a crafted login URL can therefore use scare tactics to lure that user to a phishing site, for example with a message stating "This version of Rancher is outdated, please visit https://malicious.rancher.site/upgrading".

**Recommendations**

For versions prior to 2.2.4, including version 2.1.4, update to version 2.2.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the login component to minimize the risk of exploitation, and avoid relying on the `errorMsg` parameter in the login endpoint until the issue is resolved.
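The following is an added example, not Rancher's code, illustrating the bug class described above: a login page that reflects a query parameter after stripping only HTML tags still lets an attacker put a phishing URL in front of the user, whereas mapping an opaque error code to a fixed allowlist of messages removes the attacker's control over the wording. The function and constant names (`stripTags`, `renderLoginErrorUnsafe`, `renderLoginError`, `ERROR_MESSAGES`, `isSuspiciousErrorMsg`), the host `rancher.example` and the `errorCode` parameter are assumptions made for the example and do not come from Rancher.

```javascript
// Added example (not Rancher's code): why filtering only HTML tags does not
// stop text injection through a reflected `errorMsg` query parameter.
// All identifiers below are illustrative assumptions, not Rancher's.

// Constructed attacker URL carrying the advisory's scare-tactic message.
const ATTACK_URL =
  'https://rancher.example/login?errorMsg=' +
  encodeURIComponent(
    'This version of Rancher is outdated, please visit https://malicious.rancher.site/upgrading'
  );

// Tag-only filter: removes <...> sequences and leaves every other character alone.
function stripTags(text) {
  return text.replace(/<[^>]*>/g, '');
}

// Vulnerable pattern: echo whatever the parameter says, minus tags.
// The URL, punctuation and wording chosen by the attacker all survive.
function renderLoginErrorUnsafe(url) {
  const msg = new URL(url).searchParams.get('errorMsg');
  return msg === null ? '' : stripTags(msg);
}

// Hardened pattern: the URL carries only an opaque error code and the text
// shown comes from a fixed allowlist, so no attacker-supplied string is rendered.
const ERROR_MESSAGES = Object.freeze({
  'invalid-credentials': 'Invalid username or password.',
  'session-expired': 'Your session has expired. Please sign in again.',
});

function renderLoginError(url) {
  const code = new URL(url).searchParams.get('errorCode');
  // hasOwnProperty guards against keys inherited from Object.prototype.
  return Object.prototype.hasOwnProperty.call(ERROR_MESSAGES, code)
    ? ERROR_MESSAGES[code]
    : ''; // unknown or missing code: show nothing rather than echo input
}

// Detection heuristic for proxy or access logs while the fix is rolled out:
// flag login requests whose errorMsg embeds an absolute URL or is unusually long.
function isSuspiciousErrorMsg(url) {
  const msg = new URL(url).searchParams.get('errorMsg');
  if (msg === null) return false;
  return msg.length > 80 || /https?:\/\//i.test(msg);
}

console.log('unsafe:', renderLoginErrorUnsafe(ATTACK_URL));
console.log('hardened:', JSON.stringify(renderLoginError(ATTACK_URL)));
console.log('suspicious:', isSuspiciousErrorMsg(ATTACK_URL));
```

Run with `node` (the `URL` global is available in Node 10 and later). The unsafe renderer prints the full phishing message, the hardened one prints an empty string for the same request, and the log heuristic flags it.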