CVE-2022-47500

CVSS v3.1 6.1 (Medium)

EPSS 0.14 % (50^th)

Affected Products 1

Advisories 1

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache Software Foundation Apache Helix UI component.This issue affects Apache Helix all releases from 0.8.0 to 1.0.4.

Solution: removed the the forward component since it was improper designed for UI embedding.

User please upgrade to 1.1.0 to fix this issue.

Weaknesses

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CVE Status: PUBLISHED
CNA: Apache Software Foundation
Published Date: 2022-12-19 11:15:11
(21 months ago)
Updated Date: 2023-11-07 03:56:16
(10 months ago)

Affected Products

Apache

Helix

Configuration #1

		CPE23	From	Up To
	Apache Helix from 0.8.0 version and 1.0.4 and prior versions	cpe:2.3:a:apache:helix	>= 0.8.0	<= 1.0.4