Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44528

Jan. 10, 2022, 2:10 p.m. |

National Vulnerability Database nist.gov

A open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.

2021 cve

Head of Information Security

@ Canny | Remote

Information Technology Specialist (INFOSEC)

@ U.S. Securities & Exchange Commission | Washington, D.C.

Information Security Manager - $90K-$180K - MANAG002176

@ Sound Transit | Seattle, WA

Sr. Software Security Architect

@ SAS | Remote

Senior Incident Responder

@ CipherTechs, Inc. | Remote

Data Security DevOps Engineer Senior/Intermediate

@ University of Michigan - ITS | Ann Arbor, MI