CVE-2022-40083

CRITICAL Year: 2022
CVSS v3 Score
9.6
Critical
Weakness Type
CWE-601
View all →

Vulnerability Description

Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery (SSRF).

Related Vulnerabilities

CVE-2022-31657

CRITICAL
CVSS:9.8(Critical)

VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain.

CWE-6012022

CVE-2024-22891

CRITICAL
CVSS:9.8(Critical)

Nteract v.0.28.0 was discovered to contain a remote code execution (RCE) vulnerability via the Markdown link.

CWE-6012024

CVE-2022-41559

CRITICAL
CVSS:9.3(Critical)

The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to exploit an open redirect on t...

CWE-6012022

CVE-2017-8989

CRITICAL
CVSS:9.1(Critical)

A security vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 on RHEL, HP-UX, and Windows could be exploited remotely to allow URL Redirection.

CWE-6012017

CVE-2024-33661

CRITICAL
CVSS:9.1(Critical)

Portainer before 2.20.0 allows redirects when the target is not index.yaml.

CWE-6012024

CVE-2016-9078

HIGH
CVSS:8.8(High)

Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "data:" URL in some circumstances. This can result in same-origin violations against a domain if it load...

CWE-6012016