CVE-2018-19790

An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1. By using backslashes in the _failure_path input field of login forms, an attacker can work around the redirection target restrictions and effectively redirect the user to any domain after login.

Published: Dec 18, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-19790
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.1
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

Severity: Medium
Score: 5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

CWE-601

Affected Software
References

Software	From	Fixed in
sensiolabs / symfony	4.2.0	4.2.1
sensiolabs / symfony	4.1.0	4.1.9
sensiolabs / symfony	4.0.0	4.0.15
sensiolabs / symfony	3.0.0	3.4.20
sensiolabs / symfony	2.8.0	2.8.49
sensiolabs / symfony	2.7.0	2.7.50
fedoraproject / fedora	28	28.x
debian / debian_linux	8.0	8.0.x

http://www.securityfocus.com/bid/106249
https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7/
https://lists.fedoraproject.org/archives/list/[email protected]/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE/
https://lists.fedoraproject.org/archives/list/[email protected]/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TD3E7FZIXLVFG3SMFJPDEKPZ26TJOW7/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZMRJ7VTHCY5AZK24G4QGX36RLUDTDKE/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OA4WVFN5FYPIXAPLWZI6N425JHHDSWAZ/
https://seclists.org/bugtraq/2019/May/21
https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http
https://www.debian.org/security/2019/dsa-4441

Vulnerability Database

289,782

CVE-2018-19790