PT-2022-28065 · Apache · Apache Helix

Authors: Everardo Padilla +1

Published: 2022-12-19 · Updated: 2022-12-24

CVE-2022-47500

CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions

Apache Helix versions 0.8.0 through 1.0.4

Description

The issue is a URL Redirection to Untrusted Site ('Open Redirect') vulnerability in the Apache Helix UI component. It affects all releases of Apache Helix from 0.8.0 through 1.0.4. The cause is an improperly designed forward component used for UI embedding.

Recommendations

For versions 0.8.0 through 1.0.4, upgrade to version 1.1.0, which fixes the issue. As a temporary workaround, consider removing the forward component, since it was improperly designed for UI embedding.

Fix

Open Redirect

Weakness Enumeration

Related Identifiers

CVE-2022-47500
GHSA-MHXG-2XF7-4XWX

Affected Products

Apache Helix