GHSA-894c-rg7f-3c62

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/01/GHSA-894c-rg7f-3c62/GHSA-894c-rg7f-3c62.json
Aliases
  • CVE-2023-22298
Published
2023-01-17T12:30:33Z
Modified
2023-02-02T10:38:59.038098Z
Details

Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having the user access a specially crafted URL.

References

Affected packages

PyPI / pgadmin4

pgadmin4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
6.14

Affected versions

4.*

4.20
4.22
4.23
4.24
4.25
4.26
4.27
4.28
4.29
4.30

5.*

5.0
5.1
5.2
5.3
5.4
5.5
5.6
5.7

6.*

6.10
6.11
6.12
6.13
6.2
6.3
6.4
6.5
6.6
6.7
6.8
6.9