PT-2022-18140 · Unknown · Nopcommerce
Adeadfed · Published 2022-10-20 · Updated 2022-10-21 · CVE-2022-26954
CVSS v3.1: 6.1 Medium
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: NopCommerce versions 4.10 through 4.50.1
Description: The issue allows remote attackers to conduct phishing attacks by redirecting users to attacker-controlled web sites via the returnUrl parameter. This parameter is processed by several functions, including the ChangePassword function, the SignInCustomerAsync function, the SuccessfulAuthentication method, and the NopRedirectResultExecutor class.
Recommendations: For NopCommerce versions 4.10 through 4.50.1, consider disabling the returnUrl parameter in the affected functions until a patch is available. Restrict access to the ChangePassword function, the SignInCustomerAsync function, the SuccessfulAuthentication method, and the NopRedirectResultExecutor class to minimize the risk of exploitation. Avoid using the returnUrl parameter in the affected API endpoints until the issue is resolved.
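The defensive check that closes this class of bug, as an added example (not nopCommerce code and not the vendor's fix): a returnUrl is honoured only when it is a same-site relative path, mirroring the rules ASP.NET Core's Url.IsLocalUrl applies, and any other value falls back to an assumed default landing page (the default path and sample values below are constructed).

```python
from typing import Optional

# Assumed fallback target when returnUrl is rejected (hypothetical path).
DEFAULT_LANDING = "/customer/info"


def _has_control_char(s: str) -> bool:
    """True if the string contains a control character (tab, CR, LF, ...)."""
    return any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in s)


def is_local_url(url: Optional[str]) -> bool:
    """Accept only paths that stay on the current origin.

    Rules (the same ones ASP.NET Core's IsLocalUrl enforces):
      - "/" followed by anything other than "/" or "\\" is local;
        "//host/..." and "/\\host/..." are protocol-relative and would
        send the browser to another site
      - "~/" (application-root relative) is handled the same way
      - absolute URLs, scheme-prefixed values and empty values are rejected
      - control characters after the prefix are rejected
    """
    if not url:
        return False
    if url[0] == "/":
        rest = url[1:]
    elif url.startswith("~/"):
        rest = url[2:]
    else:
        return False
    if rest and rest[0] in ("/", "\\"):
        return False
    return not _has_control_char(rest)


def resolve_return_url(return_url: Optional[str], default: str = DEFAULT_LANDING) -> str:
    """Choose the post-login redirect target; fall back when returnUrl is not local."""
    return return_url if is_local_url(return_url) else default


if __name__ == "__main__":
    # Constructed sample values a login handler might receive in returnUrl.
    for candidate in ["/order/history", "~/cart", "//evil.example/login",
                      "/\\evil.example", "https://evil.example/", "/\tx", ""]:
        print(f"{candidate!r:28} -> {resolve_return_url(candidate)}")
```

The same rules apply whether the value arrives on a login, password-change or generic redirect endpoint, so one shared check is preferable to per-handler validation.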

Exploit · Fix · Open Redirect


Weakness Enumeration
Related Identifiers: CVE-2022-26954
Affected Products: Nopcommerce