Miggo Logo

CVE-2021-23387: Open Redirect in trailing-slash

5.4

CVSS Score
3.1

Basic Information

EPSS Score
0.49235%
Published
6/8/2021
Updated
2/1/2023
KEV Status
No
Technology
TechnologyJavaScript

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
trailing-slashnpm< 2.0.12.0.1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

  1. The advisory explicitly states the vulnerability is in index.js::createTrailing().
  2. The commit f8e66f1 shows the fix was applied to this function by adding escapeLeadingSlashes() to sanitize the Location header.
  3. The pre-patch code used res.setHeader('Location', u.format(url)) with unescaped user-controlled input, enabling relative path manipulation via double slashes.
  4. CWE-601 mapping confirms this is a URL redirection vulnerability caused by improper URL sanitization in the Location header construction.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T** p**k*** tr*ilin*-sl*s* ***or* *.*.* *r* vuln*r**l* to Op*n R**ir**t vi* t** us* o* tr*ilin* *ou*l* sl*s**s in t** URL w**n ****ssin* t** vuln*r**l* *n*point (su** *s *ttps://*x*mpl*.*om//*tt**k*r.*x*mpl*/). T** vuln*r**l* *o** is in in**x.js::*r*

Reasoning

*. T** **visory *xpli*itly st*t*s t** vuln*r**ility is in in**x.js::*r**t*Tr*ilin*(). *. T** *ommit ******* s*ows t** *ix w*s *ppli** to t*is *un*tion *y ***in* *s**p*L***in*Sl*s**s() to s*nitiz* t** Lo**tion *****r. *. T** pr*-p*t** *o** us** r*s.s*