CVE-2022-23078

In habitica versions v4.119.0 through v4.232.2 are vulnerable to open redirect via the login page.
Configurations

Configuration 1 (hide)

cpe:2.3:a:habitica:habitica:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:47

Type Values Removed Values Added
References () https://github.com/HabitRPG/habitica/commit/5bcfdbe066e8c899f3ecf3fdcdbacc2ecba7f02f - Patch, Third Party Advisory () https://github.com/HabitRPG/habitica/commit/5bcfdbe066e8c899f3ecf3fdcdbacc2ecba7f02f - Patch, Third Party Advisory
References () https://www.mend.io/vulnerability-database/CVE-2022-23078 - Exploit, Third Party Advisory () https://www.mend.io/vulnerability-database/CVE-2022-23078 - Exploit, Third Party Advisory

07 Nov 2023, 03:44

Type Values Removed Values Added
CVSS v2 : 5.8
v3 : 6.1
v2 : 5.8
v3 : unknown

Information

Published : 2022-06-22 12:15

Updated : 2024-11-21 06:47


NVD link : CVE-2022-23078

Mitre link : CVE-2022-23078

CVE.ORG link : CVE-2022-23078


JSON object : View

Products Affected

habitica

  • habitica
CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')