Possible Open Redirect in Host Authorization Middleware
There is a possible open redirect vulnerability in the Host Authorization middleware in Action Pack. This vulnerability has been assigned the CVE identifier CVE-2021-22942.
Versions Affected: >= 6.0.0. Not affected: < 6.0.0 Fixed Versions: 220.127.116.11, 18.104.22.168
Specially crafted “X-Forwarded-Host” headers in combination with certain “allowed host” formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.
Impacted applications will have allowed hosts with a leading dot. For example, configuration files that look like this:
config.hosts << '.EXAMPLE.com'
When an allowed host contains a leading dot, a specially crafted Host header can be used to redirect to a malicious website.
This vulnerability is similar to CVE-2021-22881, but CVE-2021-22881 did not take in to account domain name case sensitivity.
Thanks! Please cleanup when ready.
Thanks, all done!