GHSA-q562-qrm6-7p84LowCVSS 7.2
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache APISIX. The attacker...
🔗 CVE IDs covered (1)
📋 Description
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache APISIX.
The attacker could manipulate some client headers to perform an open-redirect, to potentially expose the session token.
This issue affects Apache APISIX: from 3.0.0 through 3.16.0.
Users are recommended to upgrade to version 3.17.0, which fixes the issue.