CVE-2021-32721
Open redirect in github.com/AndrewBurian/powermux
4.7
MEDIUM
CVSS 3.1
EPSS 0.20%
Description
Attackers may be able to craft phishing links and other open redirects by exploiting PowerMux's trailing slash redirection feature. This may lead to users being redirected to untrusted sites after following an attacker crafted link.
How to fix CVE-2021-32721
To remediate CVE-2021-32721, upgrade the affected package to a fixed version below.
- —upgrade to 1.1.1 or later
- —upgrade to 1.1.1 or later
Is CVE-2021-32721 being exploited?
Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 1.1.1
- from 0, < 1.1.1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM4.7 | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N |