
SAST Coverity scan [Security] - Open Redirect

Open raghvendra-dixit opened this issue 1 year ago • 0 comments

  • With issues:
    • Use the search tool before opening a new issue.
    • Please provide source code and commit sha if you found a bug.
    • Review existing issues and provide feedback or react to them.

Description

An attacker can mount a phishing attack by modifying the URL value to point to a malicious Web site. In github.com/gin-gonic/gin.redirectRequest(*github.com/gin-gonic/gin.Context): User-controlled input is used to specify an address that is used as a URL redirect or forward. An attacker can create a link to the trusted site that redirects to a malicious Web site. This could enable the attacker to steal user credentials.

How to reproduce

package main

import (
	"github.com/gin-gonic/gin"
)

func main() {
	g := gin.Default()
	g.GET("/hello/:name", func(c *gin.Context) {
		c.String(200, "Hello %s", c.Param("name"))
	})
	g.Run(":9000")
}

Expectations

$ curl http://localhost:8201/hello/world
Hello world

Actual result

$ curl -i http://localhost:8201/hello/world
<YOUR RESULT>

Environment

  • go version: 1.17, Image: us-docker.pkg.dev/google.com/api-project-999119582588/go-boringcrypto/golang:1.17.11b7
  • gin version (or commit ref): github.com/gin-gonic/gin v1.7.7
  • operating system:

raghvendra-dixit, Aug 02 '22 17:08
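The finding above is about user-controlled input reaching a redirect target. As an added example, not gin's code and not part of this issue, the plain net/http program below shows the check a defender wants in front of any redirect: only same-origin absolute paths are accepted, and anything carrying a scheme, a host (including the protocol-relative `//host` form), a backslash or a relative path is refused. The names `safeRedirectTarget`, `redirectHandler` and the `next` query parameter are assumptions for illustration.

```go
package main

import (
	"fmt"
	"log"
	"net/http"
	"net/url"
	"strings"
)

// safeRedirectTarget validates a candidate redirect target and returns it in
// normalized form, or an error when the target could leave the current origin.
// Hypothetical helper written for this example; it is not a gin API.
func safeRedirectTarget(raw string) (string, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return "", fmt.Errorf("unparsable redirect target %q: %w", raw, err)
	}
	// A scheme ("https:", "javascript:") or a host ("//evil.example") means the
	// target is not a path on this origin. url.Parse puts "//evil.example" into Host.
	if u.IsAbs() || u.Host != "" || u.User != nil {
		return "", fmt.Errorf("redirect target %q is not a local path", raw)
	}
	// Some browsers normalize "/\evil.example" to "//evil.example", and a
	// percent-encoded "//" survives parsing into Path; refuse both shapes.
	if strings.Contains(raw, `\`) || strings.HasPrefix(u.Path, "//") {
		return "", fmt.Errorf("redirect target %q could be read as a host", raw)
	}
	// Require an absolute path so the target cannot depend on the current URL.
	if !strings.HasPrefix(u.Path, "/") {
		return "", fmt.Errorf("redirect target %q must start with /", raw)
	}
	// Path, query and fragment are kept; scheme, host and userinfo are empty here.
	return u.String(), nil
}

// redirectHandler is a hypothetical post-login handler: it honours ?next= only
// when the value passes safeRedirectTarget and otherwise falls back to "/".
func redirectHandler(w http.ResponseWriter, r *http.Request) {
	target, err := safeRedirectTarget(r.URL.Query().Get("next"))
	if err != nil {
		// Log the rejected value for detection; never echo it into Location.
		log.Printf("rejected redirect target: %v", err)
		target = "/"
	}
	http.Redirect(w, r, target, http.StatusFound)
}

func main() {
	mux := http.NewServeMux()
	mux.HandleFunc("/login", redirectHandler)
	// Constructed example server; e.g. GET /login?next=//evil.example/ redirects to "/".
	log.Fatal(http.ListenAndServe(":9000", mux))
}
```

The check is deliberately an allowlist of one shape (absolute local path) rather than a denylist of known-bad prefixes: every rejected case above is rejected because it fails to be a plain `/path?query`, not because it matched a pattern.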