Bug 513268 - Open Redirection vulnerability in wiki.eclipse.org
Summary: Open Redirection vulnerability in wiki.eclipse.org
Status: RESOLVED FIXED
Alias: None
Product: Community
Classification: Eclipse Foundation
Component: Wiki
Version: unspecified
Hardware: PC Mac OS X
Importance: P3 critical
Target Milestone: ---
Assignee: Eclipse Webmaster CLA
Keywords: security

Reported: 2017-03-07 12:41 EST by Benjamin Cabé CLA
Modified: 2017-03-21 14:29 EDT
CC List: 1 user

Description Benjamin Cabé CLA 2017-03-07 12:41:45 EST
From the security@eclipse.org inbox - see below.
Note that this only happens when not logged in to *.eclipse.org. 

I am marking this as 'critical', as I believe we really don't want to help people build phishing attacks and use our well-known brand to create honey pots.


----
Hi,

I am getting in touch to report an open redirection vulnerability affecting wiki.eclipse.org

A user can be sent a URL link that can lead to malicious content. The user will believe the link is trustworthy.

PoC: http://wiki.eclipse.org//youtube.com

Server response:

HTTP/1.1 301 Moved Permanently
…
Location: http://youtube.com


This behavior can be leveraged to facilitate phishing attacks against users of the application.


I look forward to your reply.

Best Regards,
Guifre
------
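As an added defender-side example (not code from the report or from the Eclipse wiki), two Python checks: one flags a Location header that resolves to a different host than the request, run against the exchange quoted above, and one validates a user-supplied redirect path so that a scheme-relative "//host" is refused. The sample request URL and Location value are constructed from the report.

```python
import posixpath
from urllib.parse import urljoin, urlsplit

# Constructed from the report: the PoC request and the 301 Location header.
SAMPLE_REQUEST_URL = "http://wiki.eclipse.org//youtube.com"
SAMPLE_LOCATION = "http://youtube.com"


def redirect_leaves_site(request_url: str, location: str) -> bool:
    """True when a Location header would send the browser to another host.

    The Location value is resolved against the request URL the way a browser
    does, so a scheme-relative "//youtube.com" is treated as an absolute URL
    and reported just like the full "http://youtube.com" seen in the report.
    An https upgrade on the same host is not flagged: only the host matters
    for an open-redirect check.
    """
    base_host = urlsplit(request_url).hostname
    target_host = urlsplit(urljoin(request_url, location)).hostname
    return target_host != base_host


def is_safe_local_path(path: str) -> bool:
    """Allow-list check for a redirect target that must stay on this site.

    Accepts only a path rooted with a single "/", with no scheme and no
    authority. A second leading "/" or a "\\" is refused outright because
    browsers read "//host" (and often "/\\host") as an authority, which is
    exactly how the wiki's "//youtube.com" path became an off-site redirect.
    """
    if not path.startswith("/") or path[1:2] in ("/", "\\"):
        return False
    parts = urlsplit(path)
    if parts.scheme or parts.netloc:
        return False
    # Collapse dot-segments as a server might before emitting a redirect,
    # then re-check the root: "/..//youtube.com" normalises to "/youtube.com".
    normalised = posixpath.normpath(parts.path)
    return normalised.startswith("/") and not normalised.startswith("//")


if __name__ == "__main__":
    print("PoC exchange leaves site:",
          redirect_leaves_site(SAMPLE_REQUEST_URL, SAMPLE_LOCATION))
    for candidate in ("/Main_Page", "//youtube.com", "/\\youtube.com"):
        print(f"{candidate!r:20} safe={is_safe_local_path(candidate)}")
```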
Comment 1 Eclipse Webmaster CLA 2017-03-14 17:44:42 EDT
This should now be resolved. 

Can I get someone else to confirm before we close this?

-M.
Comment 2 Benjamin Cabé CLA 2017-03-15 06:48:26 EDT
(In reply to Eclipse Webmaster from comment #1)
> This should now be resolved. 
> 
> Can I get someone else to confirm before we close this?
> 
> -M.

Looks good to me. Thanks Matt.
Comment 3 Eclipse Webmaster CLA 2017-03-21 14:29:10 EDT
Ok closing as fixed.

-M.