Kanaries Pygwalker Open Redirect Vulnerability Allowing Sensitive Information Disclosure and Arbitrary Code Execution
Vulnerability
A vulnerability in Kanaries Inc Pygwalker versions prior to 0.4.9.9 allows remote attackers to access sensitive information and execute arbitrary code. This is achieved through the redirect_path parameter in the login redirection function, which can be manipulated to redirect users to malicious sites or potentially execute harmful code.
Impact
Exploitation of this vulnerability could lead to unauthorized access to sensitive information and execution of arbitrary code on the affected system.
Reproduction
To reproduce this vulnerability, navigate to the Kanaries website and initiate the login process. Once redirected to the login page, modify the redirect_path parameter to point to a malicious URL. After adjusting the parameter, proceed to log in using either GitHub or Google. Instead of being redirected to the intended Kanaries page, the user will be sent to the specified malicious URL.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.