CVE-2021-45328 Scanner
CVE-2021-45328 Scanner - Open Redirect vulnerability in Gitea
Short Info
Level: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 16 days 9 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox
Gitea is an open-source, self-hosted Git service. It is widely used by developers and organizations to host and manage code repositories. The software offers features such as issue tracking, code review, and project management. Gitea is designed for lightweight operations and ease of installation across numerous platforms. It is often chosen for private Git hosting, providing users with control over their source code management. The software supports integration with other tools and services, enhancing the development process.
The Open Redirect vulnerability in Gitea allows an attacker to redirect users to arbitrary external websites. It arises because URLs that are expected to point to internal locations are not properly validated. The flaw lies in the `redirect_to` parameter of the login page, which an attacker can set so that the post-login redirect leaves the Gitea site. Gitea versions before 1.4.3 are affected.
Technically, the vulnerability is located in the login page's redirection logic. The `redirect_to` parameter, used during login, accepts URLs it should not. An attacker can supply a malicious URL in this parameter, and the user is sent there after a successful login. The root cause is inadequate checking of the URL structure: a value that resolves to an external host passes the check and triggers the redirect.
If exploited, the vulnerability can lead to users being unknowingly redirected to malicious websites. Such redirections can result in phishing attacks where sensitive information like login credentials may be stolen. It poses a significant risk in environments where users are unaware of the potential threats coming from external links. This vulnerability can also be used as a starting point for further attacks targeting the affected system.
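The following Go program is an added example illustrating the validation failure described above and the kind of check that prevents it; it is not Gitea's code and the function names `naiveIsLocal` and `safeRedirectTarget` are assumptions for this illustration. It contrasts a prefix-only check, which accepts protocol-relative values such as `//host`, with a validator that only returns a same-site path and falls back to an empty string (the caller should then redirect to a default page).

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// naiveIsLocal is the insufficient style of check: anything beginning with
// "/" is accepted, which includes protocol-relative URLs like "//host/path"
// that browsers resolve to an external origin.
func naiveIsLocal(raw string) bool {
	return strings.HasPrefix(raw, "/")
}

// safeRedirectTarget validates a redirect_to value and returns a normalised
// same-site path, or "" when the value must be rejected. Hypothetical helper
// for this example, not Gitea's implementation.
func safeRedirectTarget(raw string) string {
	if raw == "" {
		return ""
	}
	// Must be a site-relative path.
	if !strings.HasPrefix(raw, "/") {
		return ""
	}
	// Protocol-relative ("//host") and backslash variants ("/\host") are
	// interpreted by browsers as a different host: reject them outright.
	if strings.HasPrefix(raw, "//") || strings.HasPrefix(raw, "/\\") {
		return ""
	}
	u, err := url.Parse(raw)
	if err != nil {
		return ""
	}
	// After parsing, no scheme, host or userinfo may be present.
	if u.Scheme != "" || u.Host != "" || u.User != nil {
		return ""
	}
	// Rebuild from the parsed components so the caller never echoes the raw input.
	return u.String()
}

func main() {
	// Constructed sample inputs for demonstration.
	samples := []string{
		"/user/repo?x=1",
		"//evil.example/",
		"/\\evil.example",
		"https://evil.example/",
	}
	for _, s := range samples {
		fmt.Printf("%-24q naive=%-5v safe=%q\n", s, naiveIsLocal(s), safeRedirectTarget(s))
	}
}
```

Running the program shows that the naive check accepts the protocol-relative sample while the validator rejects everything except the genuine same-site path. A scanner for this issue can apply the same reasoning from the outside: if a login with a `redirect_to` value pointing at an external host yields a `Location` header to that host, validation is missing.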