PT-2022-16053 · Apache · Apache Http Server

Zandbelt · Published 2022-12-14 · Updated 2025-12-29 · CVE-2022-23527

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: mod_auth_openidc versions prior to 2.4.12.2
Description: The issue concerns an Open Redirect vulnerability in mod_auth_openidc, an OpenID Certified authentication and authorization module for the Apache 2.x HTTP server. When a logout parameter is provided to the redirect URI, the existing code in oidc_validate_redirect_url() does not properly check for URLs that start with "/\t" (a forward slash followed by a tab character), leading to an open redirect. Browsers remove ASCII tab and newline characters from a URL before parsing it, so a value of the form "/<TAB>/attacker-host" passes a check that only rejects a literal "//" prefix but is navigated as the protocol-relative URL "//attacker-host", sending the user to an attacker-controlled site after logout.
Recommendations: For versions prior to 2.4.12.2, upgrade to version 2.4.12.2, which corrects the check. As a temporary workaround, restrict post-logout redirects with OIDCRedirectURLsAllowed so that mod_auth_openidc only redirects when the destination matches one of the configured regular expressions.
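The following is an added example; it is not code from this advisory or from mod_auth_openidc itself. It models the kind of check the description blames (a validator that treats a single leading "/" as a local path and only rejects a literal "//") against what a WHATWG-compliant browser actually does with the value (strips ASCII tab and newline before parsing, so "/<TAB>/host" becomes "//host"), and shows a hardened check plus an allow-list regex check in the spirit of the OIDCRedirectURLsAllowed workaround. The hostnames, the regex, the function names and the fullmatch semantics are constructed assumptions; the backslash case goes beyond the advisory (browsers treat "\" like "/" in http(s) URLs, which is why a hardened check should reject it too).

```python
import re
from urllib.parse import urlsplit

# Constructed inputs (assumptions, not data from the advisory or the project).
CURRENT_HOST = "app.example"
TAB_PAYLOAD = "/\t/attacker.example/"          # "/" + TAB + "/" + host, the shape the advisory describes
BACKSLASH_PAYLOAD = "/\\attacker.example/"     # beyond the advisory: "\" acts as "/" in http(s) URLs
ALLOWED_PATTERN = r"https://app\.example/.*"   # constructed allow-list, not a recommended value

# C0 control characters and space (U+0000..U+0020), stripped from both ends by browsers.
_C0_AND_SPACE = "".join(chr(c) for c in range(0x21))


def browser_normalize(url: str) -> str:
    """First two steps of the WHATWG URL parser: drop leading/trailing C0 controls
    and spaces, then remove every ASCII tab and newline anywhere in the string."""
    url = url.strip(_C0_AND_SPACE)
    return url.replace("\t", "").replace("\n", "").replace("\r", "")


def naive_is_local_redirect(url: str) -> bool:
    """Weak validator modelled on the advisory's description (assumption: this is
    not the module's real code). A single leading "/" is accepted as a local path
    and only a literal "//" prefix is rejected, so "/<TAB>/host" slips through."""
    return url.startswith("/") and not url.startswith("//")


def effective_host(url: str, current_host: str) -> str:
    """Host the browser ends up on: normalize like the browser, parse, and fall
    back to the current host for a genuinely relative URL."""
    parts = urlsplit(browser_normalize(url))
    return parts.netloc or current_host


def strict_is_local_redirect(url: str) -> bool:
    """Hardened check: validate the browser-normalized form, reject any prefix
    that can acquire an authority ("//" or "/\\"), and require no scheme/netloc."""
    n = browser_normalize(url)
    if not n.startswith("/") or n.startswith("//") or n.startswith("/\\"):
        return False
    parts = urlsplit(n)
    return parts.scheme == "" and parts.netloc == ""


def allowed_by_regex(url: str, pattern: str = ALLOWED_PATTERN) -> bool:
    """Allow-list check in the spirit of OIDCRedirectURLsAllowed: the normalized
    destination must fully match a configured regex. Whether the real directive
    anchors its pattern is an assumption here; anchoring is the safe choice."""
    return re.fullmatch(pattern, browser_normalize(url)) is not None


def demo() -> dict:
    """Run each check on the constructed inputs and return the outcomes."""
    return {
        "naive_accepts_tab_payload": naive_is_local_redirect(TAB_PAYLOAD),
        "browser_host_for_tab_payload": effective_host(TAB_PAYLOAD, CURRENT_HOST),
        "strict_accepts_tab_payload": strict_is_local_redirect(TAB_PAYLOAD),
        "strict_accepts_backslash_payload": strict_is_local_redirect(BACKSLASH_PAYLOAD),
        "strict_accepts_local_path": strict_is_local_redirect("/logged-out"),
        "regex_allows_tab_payload": allowed_by_regex(TAB_PAYLOAD),
        "regex_allows_own_host": allowed_by_regex("https://app.example/bye"),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The point to take from the demo is that a redirect validator must run on the same form of the URL the browser will parse; validating the raw query string and then handing it to a client that normalizes differently is exactly the gap the advisory describes, and an allow-list of full destination URLs (as OIDCRedirectURLsAllowed provides) closes it independently of how the prefix check is written.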

Exploit

Fix

Open Redirect


Weakness Enumeration

Related Identifiers

ALSA-2023:6365
ALSA-2023:6940
ALSA-2023_6365
ALSA-2023_6940
ALT-PU-2023-8441
AZL-11653
CESA-2023_6940
CVE-2022-23527
DLA-3499-1
GHSA-Q6F2-285M-GR53
OESA-2023-1235
OESA-2023-1236
OPENSUSE-SU-2023_0215-1
OPENSUSE-SU-2024:12584-1
RHSA-2023:6365
RHSA-2023:6940
RHSA-2023_6365
RHSA-2023_6940
SUSE-SU-2023:0215-1
SUSE-SU-2023:1837-1
SUSE-SU-2023_1837-1
SUSE-SU-2025:4532-1

Affected Products

Alt Linux
Almalinux
Apache Http Server
Centos
Red Hat
Suse