blob: f73d1fbc69a3924b785b0eba716c1c3620495c1f [file] [log] [blame]
packages:
- module: github.com/AndrewBurian/powermux
symbols:
- Route.execute
versions:
- fixed: 1.1.1
description: |
Attackers may be able to craft phishing links and other open
redirects by exploiting PowerMux's trailing slash redirection
feature. This may lead to users being redirected to untrusted
sites after following an attacker crafted link.
published: 2022-01-11T17:18:11Z
cves:
- CVE-2021-32721
ghsas:
- GHSA-mj9r-wwm8-7q52
links:
pr: https://github.com/AndrewBurian/powermux/pull/42
commit: https://github.com/AndrewBurian/powermux/commit/5e60a8a0372b35a898796c2697c40e8daabed8e9
context:
- https://github.com/AndrewBurian/powermux/security/advisories/GHSA-mj9r-wwm8-7q52