id: CVE-2020-15129

info:
  name: Open-redirect in Traefik
  author: dwisiswant0
  severity: medium
  description: There exists a potential open redirect vulnerability in Traefik's handling of the X-Forwarded-Prefix header. Active exploitation of this issue is unlikely, as it would require active header injection; however, the Traefik team may want to address this issue nonetheless to prevent abuse in e.g. cache poisoning scenarios.
  reference:
    - https://securitylab.github.com/advisories/GHSL-2020-140-Containous-Traefik
    - https://github.com/containous/traefik/releases/tag/v2.2.8
    - https://github.com/containous/traefik/pull/7109
    - https://github.com/containous/traefik/security/advisories/GHSA-6qq8-5wq3-86rp
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 4.7
    cve-id: CVE-2020-15129
    cwe-id: CWE-601
  tags: cve,cve2020,traefik,redirect

requests:
  - method: GET
    path:
      - "{{BaseURL}}"
    headers:
      X-Forwarded-Prefix: "https://foo.nl"
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 302
      - type: word
        part: body
        words:
          - "Found"