CVE-2020-12283

Published April 30th, 2020

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

5.8

MEDIUM

Affected

PROJECT

Description

Sourcegraph before 3.15.1 has a vulnerable authentication workflow because of improper validation in the SafeRedirectURL method in cmd/frontend/auth/redirect.go, such as for the //foo//example.com substring.

sourcegraph/sourcegraphUNAVAILABLE

Code AI platform with Code Search & Cody

GitHub

10K