PT-2026-57986 · Eclipse · Vert.X
Published
2026-07-14
·
Updated
2026-07-14
·
CVE-2026-15075
CVSS v4.0
8.2
High
| Vector | AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Eclipse Vert.x versions prior to 4.5.30
Eclipse Vert.x versions prior to 5.1.5
Description
The
DefaultRedirectHandler in the vertx-core module propagates all request headers during cross-origin HTTP 30x redirects without performing origin comparisons of the scheme, host, or port. While the Content-Length header is stripped, other sensitive headers such as Authorization, Cookie, Proxy-Authorization, and custom headers like X-API-Token are forwarded to the redirect destination. An attacker can exploit this by inducing a request to be redirected to a host under their control, allowing them to capture bearer tokens, basic-auth credentials, session cookies, and API keys.Recommendations
Update to version 4.5.30 or later.
Update to version 5.1.5 or later.
Fix
Information Disclosure
Origin Validation Error
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Vert.X