GHSA-2pmh-ppc3-5j39LowCVSS 6.1
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache APISIX. The default...
🔗 CVE IDs covered (1)
📋 Description
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache APISIX.
The default configuration of cas-auth in Apache APISIX is vulnerable to phishing and credential theft.
This issue affects Apache APISIX: from 3.0.0 through 3.16.0.
Users are recommended to upgrade to version 3.17.0, which fixes the issue.