Spring Security Authorization Server's authorization endpoint performs insufficient validation of the requesturi parameter. An attacker can craft a malicious authorization request containing an invalid requesturi and an arbitrary, unvalidated redirect_uri, which can lead to an Open Redirect vulnerability.
Affected versions: Spring Security 7.0.0 through 7.0.5. Spring Authorization Server 1.5.0 through 1.5.7.
{
"unresolved_ranges": [
{
"source": "AFFECTED_FIELD",
"extracted_events": [
{
"introduced": "7.0.0"
},
{
"fixed": "7.0.5.1"
},
{
"introduced": "1.5.0"
},
{
"fixed": "1.5.7.1"
}
]
},
{
"source": "DESCRIPTION",
"extracted_events": [
{
"introduced": "7.0.0"
},
{
"fixed": "7.0.5"
},
{
"introduced": "1.5.0"
},
{
"fixed": "1.5.7"
}
]
}
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/41xxx/CVE-2026-41008.json",
"cna_assigner": "vmware",
"cwe_ids": [
"CWE-601"
]
}