CVE-2022-0869: Open Redirect in django-spirit

CVSS Score (v3.1)
6.1

Basic Information

EPSS Score
0.87669%
Published
3/7/2022
Updated
2/3/2023
KEV Status
No
Technology
Python

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package Name: django-spirit
Ecosystem: pip
Vulnerable Versions: < 0.12.3
First Patched Version: 0.12.3

Vulnerability Intelligence

Root Cause Analysis

The vulnerability stems from direct use of Django's redirect() with user-controlled 'next' parameters without proper validation. The patch introduced a safe_redirect helper that implements url_has_allowed_host_and_scheme checks. The identified functions were all modified in the commit to replace raw redirect() calls with safe_redirect, indicating they previously lacked validation. These functions handle authentication-related flows (login/logout/registration) where the 'next' parameter is commonly used, making them prime targets for open redirect exploitation when unvalidated.
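The analysis above describes the fix pattern in general terms: stop passing a user-supplied 'next' value straight to redirect(), and route it through a helper that applies Django's url_has_allowed_host_and_scheme check. The following is an added illustration written for this page, not code from django-spirit or from Django itself. It re-implements the same host-and-scheme checks with only the standard library so it runs without Django installed (a deliberate assumption; in a real project you would import django.utils.http.url_has_allowed_host_and_scheme instead), and it models the login flow as plain functions that return the redirect target. The host name forum.example.test and all sample URLs are constructed for the demonstration.

```python
"""Added example: validating a user-controlled 'next' parameter before redirecting.

Not django-spirit's code. The checker below mirrors the rules Django's
url_has_allowed_host_and_scheme applies (same-host or relative URLs only,
http/https only, scheme-relative and backslash variants rejected), using only
urllib so the file runs stand-alone.
"""
import unicodedata
from urllib.parse import urlsplit

# Constructed host for the demonstration; a real app would use its own host list.
ALLOWED_HOSTS = {"forum.example.test"}


def _has_allowed_host_and_scheme(url, allowed_hosts, require_https):
    # Browsers treat three leading slashes as an absolute URL; urlsplit does not.
    if url.startswith("///"):
        return False
    try:
        parts = urlsplit(url)
    except ValueError:  # e.g. a malformed IPv6 literal
        return False
    # "http:///evil" or "javascript:..." have a scheme but no host: never safe.
    if parts.scheme and not parts.netloc:
        return False
    # Leading control characters can make browsers read the URL as scheme-relative.
    if unicodedata.category(url[0])[0] == "C":
        return False
    scheme = parts.scheme
    if not scheme and parts.netloc:  # "//host/path" is fetched over http
        scheme = "http"
    valid_schemes = ("https",) if require_https else ("http", "https")
    return (not parts.netloc or parts.netloc in allowed_hosts) and (
        not scheme or scheme in valid_schemes
    )


def url_has_allowed_host_and_scheme(url, allowed_hosts, require_https=False):
    """Return True only if `url` stays on one of `allowed_hosts` (or is relative)."""
    if url is not None:
        url = url.strip()
    if not url:
        return False
    if isinstance(allowed_hosts, str):
        allowed_hosts = {allowed_hosts}
    # Check the raw value and a backslash-normalised copy: Chrome treats
    # "/\\evil.example" like "//evil.example", so both must pass.
    return _has_allowed_host_and_scheme(url, allowed_hosts, require_https) and (
        _has_allowed_host_and_scheme(url.replace("\\", "/"), allowed_hosts, require_https)
    )


def safe_redirect(next_url, allowed_hosts=ALLOWED_HOSTS, default="/"):
    """The hardened pattern: fall back to a fixed local path on any rejected target."""
    if url_has_allowed_host_and_scheme(next_url, allowed_hosts):
        return next_url
    return default


def login_redirect_target_vulnerable(query, user_is_authenticated):
    """Modelled 'before' behaviour: an already-logged-in visitor to /user/login
    is sent wherever ?next= says, with no validation of the value."""
    if user_is_authenticated:
        return query.get("next", "/")
    return "/user/login/"


def login_redirect_target_fixed(query, user_is_authenticated, allowed_hosts=ALLOWED_HOSTS):
    """Modelled 'after' behaviour: the same flow routed through safe_redirect."""
    if user_is_authenticated:
        return safe_redirect(query.get("next"), allowed_hosts)
    return "/user/login/"


if __name__ == "__main__":
    # Constructed sample 'next' values a defender would want to see rejected or allowed.
    samples = [
        "/topic/1/",
        "https://forum.example.test/topic/1/",
        "https://evil.example/",
        "//evil.example/",
        "/\\evil.example/",
        "javascript:alert(1)",
        "///evil.example",
    ]
    for value in samples:
        print(f"{value!r:40} vulnerable -> {login_redirect_target_vulnerable({'next': value}, True)!r:40} "
              f"fixed -> {login_redirect_target_fixed({'next': value}, True)!r}")
```

Running the module prints, for each sample, the target the unpatched flow would redirect to beside the target the patched flow returns; only the relative path and the same-host absolute URL survive the fixed path, every cross-host, scheme-relative, backslash and non-http(s) value collapses to "/".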


WAF Protection Rules

WAF Rule

django-spirit prior to version 0.12.3 is vulnerable to open redirect. In the /user/login endpoint, it doesn't check the value of the next parameter when the user is logged in and passes it directly to redirect which result to open redirect. This also
