Advisory GHSA-h5g6-xmh4-hc37 references a vulnerability in the following Go modules:
Description:
Summary
The restrictions on redirect URLs in openrun can be bypassed by attackers, leading to open redirect attacks.
Details
In the current project, the referrer header value is used for subsequent redirects, so there is currently a validation for this redirect value. The current validation logic requires that the host and schema of the redirect URL be the same as the current website's URL, and finally, the path part is used for redirection. This check seems robust, but it can still be bypassed by attackers.
<img width="1606" height="1346" alt="QQ20260602-140205-2-2" src="https://...
References:
No existing reports found with this module or alias.
See doc/quickstart.md for instructions on how to triage this report.
id: GO-ID-PENDING
modules:
- module: github.com/openrundev/openrun
versions:
- fixed: 0.17.7
vulnerable_at: 0.17.6
summary: |-
OpenRun: Redirect URL validation bypass using //host paths leads to Open
Redirect in github.com/openrundev/openrun
cves:
- CVE-2026-55252
ghsas:
- GHSA-h5g6-xmh4-hc37
references:
- advisory: https://github.com/advisories/GHSA-h5g6-xmh4-hc37
- advisory: https://github.com/openrundev/openrun/security/advisories/GHSA-h5g6-xmh4-hc37
- fix: https://github.com/openrundev/openrun/commit/709da784fcf1311c85f30f3542cfa3601a78bbf0
- web: https://github.com/openrundev/openrun/releases/tag/v0.17.7
source:
id: GHSA-h5g6-xmh4-hc37
created: 2026-07-10T00:01:54.843225679Z
review_status: UNREVIEWED
Advisory GHSA-h5g6-xmh4-hc37 references a vulnerability in the following Go modules:
Description:
Summary
The restrictions on redirect URLs in
openruncan be bypassed by attackers, leading to open redirect attacks.Details
In the current project, the referrer header value is used for subsequent redirects, so there is currently a validation for this redirect value. The current validation logic requires that the host and schema of the redirect URL be the same as the current website's URL, and finally, the path part is used for redirection. This check seems robust, but it can still be bypassed by attackers.
<img width="1606" height="1346" alt="QQ20260602-140205-2-2" src="https://...
References:
No existing reports found with this module or alias.
See doc/quickstart.md for instructions on how to triage this report.