pyLoad is an open-source Download Manager written in pure Python. There is an open redirect vulnerability due to incorrect validation of input values when redirecting users after login. pyLoad is validating URLs via the `get_redirect_url` function when redirecting users at login. This vulnerability has been patched with commit fe94451.
References
Link | Resource |
---|---|
https://github.com/pyload/pyload/commit/fe94451dcc2be90b3889e2fd9d07b483c8a6dccd | Patch |
https://github.com/pyload/pyload/security/advisories/GHSA-g3cm-qg2v-2hj5 | Exploit Vendor Advisory |
Configurations
History
13 Feb 2024, 22:48
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:* | |
References | () https://github.com/pyload/pyload/commit/fe94451dcc2be90b3889e2fd9d07b483c8a6dccd - Patch | |
References | () https://github.com/pyload/pyload/security/advisories/GHSA-g3cm-qg2v-2hj5 - Exploit, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
First Time |
Pyload pyload
Pyload |
06 Feb 2024, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-06 04:15
Updated : 2024-02-28 20:54
NVD link : CVE-2024-24808
Mitre link : CVE-2024-24808
CVE.ORG link : CVE-2024-24808
JSON object : View
Products Affected
pyload
- pyload
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')