CVE-2026-11477

Source
https://cve.org/CVERecord?id=CVE-2026-11477
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-11477.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-11477
Published
2026-06-08T01:45:11.512Z
Modified
2026-07-09T19:48:06.295410Z
Severity
  • 2.1 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P CVSS Calculator
Summary
hs-web hsweb-framework OAuth2 Client OAuth2Client.java OAuth2Client redirect
Details

A vulnerability was detected in hs-web hsweb-framework up to 5.0.1. This affects the function OAuth2Client of the file hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2Client.java of the component OAuth2 Client. The manipulation results in open redirect. The attack can be executed remotely. The exploit is now public and may be used. The patch is identified as c2882679a9125cea52678151af5ae213cbd52579. Applying a patch is advised to resolve this issue.

Database specific
{
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "introduced": "5.0.0"
                },
                {
                    "last_affected": "5.0.0"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/11xxx/CVE-2026-11477.json",
    "cna_assigner": "VulDB",
    "cwe_ids": [
        "CWE-601"
    ]
}
References

Affected packages

Git / github.com/hs-web/hsweb-framework

Affected ranges

Type
GIT
Repo
https://github.com/hs-web/hsweb-framework
Events
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "5.0.1"
        },
        {
            "last_affected": "5.0.1"
        }
    ]
}

Affected versions

5.*
5.0.1

Database specific

vanir_signatures_modified
"2026-07-09T19:48:06Z"
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-11477.json"
vanir_signatures
[
    {
        "id": "CVE-2026-11477-07fad6e9",
        "digest": {
            "line_hashes": [
                "24323329224603095924619813895572477824",
                "146741725495793916791613002681887733231",
                "185816413316488085388491691815899329496",
                "19204629325700103762287769639205117488",
                "18010768008749301529711883374689541414",
                "21180776317134269107515120343829206121",
                "74198482354391839327276592647378342378",
                "189831724569332065186314407354465216902",
                "303396815549223820061315414509745443331",
                "256374765224965204486285698297806435729",
                "302957656236011315771560493616059025465",
                "310525773910665731642988384265834992478",
                "314215241488849743602799145470130019753",
                "230528316797794493030741935169626526136",
                "145686389517584539381162296551873680815"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/hs-web/hsweb-framework/commit/c2882679a9125cea52678151af5ae213cbd52579",
        "deprecated": false,
        "target": {
            "file": "hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2Client.java"
        }
    },
    {
        "id": "CVE-2026-11477-0e2057a7",
        "digest": {
            "line_hashes": [
                "193363816595999376092686479022746122287"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/hs-web/hsweb-framework/commit/c2882679a9125cea52678151af5ae213cbd52579",
        "deprecated": false,
        "target": {
            "file": "hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/code/AuthorizationCodeCache.java"
        }
    },
    {
        "id": "CVE-2026-11477-1473ed3e",
        "digest": {
            "line_hashes": [
                "288628584566060991938423147569778835462",
                "263016666157239617028762834650469485065",
                "340199855235176474016525165334692405948",
                "41395209436845848131822388102558563759",
                "207119176138963241812559034379916998095",
                "331357764356411014607324251102467615631",
                "52594932461398966820573100727870039278",
                "231962840798532245998621285388496374564",
                "195987436083494673804990432465249052935"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/hs-web/hsweb-framework/commit/c2882679a9125cea52678151af5ae213cbd52579",
        "deprecated": false,
        "target": {
            "file": "hsweb-authorization/hsweb-authorization-oauth2/src/test/java/org/hswebframework/web/oauth2/server/OAuth2ClientTest.java"
        }
    },
    {
        "id": "CVE-2026-11477-15962c26",
        "digest": {
            "function_hash": "49631337348282712089869952218351744870",
            "length": 185.0
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/hs-web/hsweb-framework/commit/c2882679a9125cea52678151af5ae213cbd52579",
        "deprecated": false,
        "target": {
            "function": "validateRedirectUri",
            "file": "hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2Client.java"
        }
    },
    {
        "id": "CVE-2026-11477-3032327b",
        "digest": {
            "line_hashes": [
                "251144591947914168722740317683553852937",
                "239805045885611965678148753602895208050",
                "314563050473033172227487373579925897643",
                "205340533190528855681544828529771467106",
                "281948764424473686422802588688132763364"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/hs-web/hsweb-framework/commit/c2882679a9125cea52678151af5ae213cbd52579",
        "deprecated": false,
        "target": {
            "file": "hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2ServerAutoConfiguration.java"
        }
    },
    {
        "id": "CVE-2026-11477-3f3b23ad",
        "digest": {
            "function_hash": "141932790428919333661702732744761044155",
            "length": 202.0
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/hs-web/hsweb-framework/commit/c2882679a9125cea52678151af5ae213cbd52579",
        "deprecated": false,
        "target": {
            "function": "test",
            "file": "hsweb-authorization/hsweb-authorization-oauth2/src/test/java/org/hswebframework/web/oauth2/server/OAuth2ClientTest.java"
        }
    },
    {
        "id": "CVE-2026-11477-4e5242e1",
        "digest": {
            "function_hash": "24610680250009466798715504813783247222",
            "length": 722.0
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/hs-web/hsweb-framework/commit/c2882679a9125cea52678151af5ae213cbd52579",
        "deprecated": false,
        "target": {
            "function": "authorizeByCode",
            "file": "hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/web/OAuth2AuthorizeController.java"
        }
    },
    {
        "id": "CVE-2026-11477-52114980",
        "digest": {
            "line_hashes": [
                "200959192844393249550816239612727340641",
                "173934555365183540970705224321726213030",
                "183037644897281759148514310153230422700",
                "64289544293009669332523380395276341670",
                "119877179750177033116810165940403444310",
                "193537709964247929151924815544864726295",
                "207357500332333543596539940381520132341",
                "199775804517691290380569663196878949119",
                "220678793781109246449917457475288030165",
                "26756278139050676578911753026320293943",
                "100439279946094874233476971670301501796",
                "93587679414652800938904600169984627943",
                "27185084137477049526902290438850227937",
                "125027123658961422069893081905854464301",
                "310571800669273135212889301715490049433"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/hs-web/hsweb-framework/commit/c2882679a9125cea52678151af5ae213cbd52579",
        "deprecated": false,
        "target": {
            "file": "hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/web/OAuth2AuthorizeController.java"
        }
    },
    {
        "id": "CVE-2026-11477-6289daa9",
        "digest": {
            "line_hashes": [
                "303986703487038330082285640233086375528",
                "88267075901905091709878116858701293523",
                "165490391382623156836193381613975142217",
                "147565494682747351229483174789941419009",
                "290977170876523392613978255441918969532",
                "72018775540617635414432164299091056507",
                "118426964277591120425526771926092880161",
                "116989861592968171569321454757305819170"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/hs-web/hsweb-framework/commit/c2882679a9125cea52678151af5ae213cbd52579",
        "deprecated": false,
        "target": {
            "file": "hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/code/DefaultAuthorizationCodeGranter.java"
        }
    },
    {
        "id": "CVE-2026-11477-6c2eb74b",
        "digest": {
            "function_hash": "243626832102527454738715082599082312877",
            "length": 187.0
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/hs-web/hsweb-framework/commit/c2882679a9125cea52678151af5ae213cbd52579",
        "deprecated": false,
        "target": {
            "function": "validateSecret",
            "file": "hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2Client.java"
        }
    },
    {
        "id": "CVE-2026-11477-96d0c794",
        "digest": {
            "function_hash": "199928875325609649592551143642770857471",
            "length": 856.0
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/hs-web/hsweb-framework/commit/c2882679a9125cea52678151af5ae213cbd52579",
        "deprecated": false,
        "target": {
            "function": "requestCode",
            "file": "hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/code/DefaultAuthorizationCodeGranter.java"
        }
    },
    {
        "id": "CVE-2026-11477-9e932855",
        "digest": {
            "line_hashes": [
                "240326597770184823537092471247368688055",
                "144655171970084424169354545293126429107"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/hs-web/hsweb-framework/commit/c2882679a9125cea52678151af5ae213cbd52579",
        "deprecated": false,
        "target": {
            "file": "hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/code/AuthorizationCodeTokenRequest.java"
        }
    },
    {
        "id": "CVE-2026-11477-a5b18959",
        "digest": {
            "line_hashes": [
                "31406294449847358842837682870362526450"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/hs-web/hsweb-framework/commit/c2882679a9125cea52678151af5ae213cbd52579",
        "deprecated": false,
        "target": {
            "file": "hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2Properties.java"
        }
    },
    {
        "id": "CVE-2026-11477-ac5ccd82",
        "digest": {
            "function_hash": "324261775080742158007937354341378312003",
            "length": 1004.0
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/hs-web/hsweb-framework/commit/c2882679a9125cea52678151af5ae213cbd52579",
        "deprecated": false,
        "target": {
            "function": "requestToken",
            "file": "hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/code/DefaultAuthorizationCodeGranter.java"
        }
    },
    {
        "id": "CVE-2026-11477-b1fcead5",
        "digest": {
            "function_hash": "312525221900792805251490924304376348893",
            "length": 85.0
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/hs-web/hsweb-framework/commit/c2882679a9125cea52678151af5ae213cbd52579",
        "deprecated": false,
        "target": {
            "function": "oAuth2AuthorizeController",
            "file": "hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2ServerAutoConfiguration.java"
        }
    }
]