| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| mayan-edms | pip | >= 4.10.0, < 4.10.2 | 4.10.2 |
| mayan-edms | pip | >= 4.9.0, < 4.9.7 | 4.9.7 |
| mayan-edms | pip | >= 4.8.0, < 4.8.10 | 4.8.10 |
| mayan-edms | pip | >= 4.7.0, < 4.7.8 | 4.7.8 |
| mayan-edms | pip | < 4.6.12 | 4.6.12 |
The vulnerability is an open redirect in Mayan EDMS. The provided patches from GitLab show changes in client-side JavaScript files that handle URL navigation. Specifically, the file mayan/apps/appearance/static/appearance/js/partial_navigation.js contains a class PartialNavigation which is responsible for client-side routing. The changes in this file add checks to ensure that any redirection target is on the same origin and uses the HTTP or HTTPS protocol. The vulnerability existed because these checks were missing, allowing a malicious actor to craft a URL that would redirect a user to an external site. Although the vulnerability description mentions the /authentication/ path, the fix is in a generic client-side navigation library that is used across the application, including the authentication pages. The vulnerable function is identified as PartialNavigation._getNewLocation based on the code changes in the patch, which directly address the open redirect vulnerability by adding the necessary validation before returning a new navigation URL.
Vulnerable function: PartialNavigation._getNewLocation
Affected file: mayan/apps/appearance/static/appearance/js/partial_navigation.js