CVE-2025-58067
BaseFortify
Publication date: 2025-08-29
Last updated on: 2025-09-02
Assigner: GitHub, Inc.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| basecamp | google_sign_in | 1.3.1 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Basecamp's google_sign_in gem for Rails applications prior to version 1.3.1. It allows an attacker to redirect a user to another origin if the 'proceed_to' value in the session store is set to a protocol-relative URL. Normally, this URL is controlled by the library or application, but it may be possible for a malicious site to set this session value via a form submission. This vulnerability can be exploited if combined with another attack that modifies OAuth2 request parameters. The issue has been fixed in version 1.3.1.
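The failure mode described above, as an added Ruby example (not code from the google_sign_in gem or from this page): a check that accepts any value starting with `/` lets a protocol-relative `proceed_to` through, while resolving the value against the application's origin and comparing origins does not. The helper names, `APP_ORIGIN` and the sample values are assumptions constructed for illustration.

```ruby
require "uri"

APP_ORIGIN = "https://app.example" # constructed placeholder origin

# Naive check (hypothetical): anything starting with "/" is assumed local.
# "//other.example/x" passes, yet a browser resolves it against the
# current scheme and navigates to another origin.
def naive_local_path?(target)
  target.is_a?(String) && target.start_with?("/")
end

# Scheme, lower-cased host and port identify an origin.
def origin_of(uri)
  [uri.scheme, uri.host&.downcase, uri.port]
end

# Stricter check (hypothetical): resolve the stored value as a URL reference
# against the application's origin and require the result to stay there.
def same_origin_target?(target, app_origin = APP_ORIGIN)
  return false unless target.is_a?(String) && !target.empty?
  # Browsers treat "\" like "/" and drop control characters; reject both.
  return false if target.match?(/[\\[:cntrl:][:space:]]/)

  base = URI.parse(app_origin)
  resolved = URI.join(app_origin, target)
  origin_of(resolved) == origin_of(base)
rescue URI::Error
  false
end

# Constructed sample values for a session's proceed_to entry.
SAMPLES = [
  "/dashboard?tab=1",
  "https://app.example/settings",
  "//other.example/login",
  "https://other.example/",
  "/\\other.example"
].freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each do |value|
    puts format("%-32s naive=%-5s same_origin=%s",
                value.inspect, naive_local_path?(value), same_origin_target?(value))
  end
end
```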
How can this vulnerability impact me?
This vulnerability can lead to users being redirected to malicious sites, potentially enabling phishing or other attacks. It may allow attackers to manipulate OAuth2 flows, which could compromise user trust or lead to unauthorized actions. However, the impact is limited as the CVSS score is 4.2, indicating low to medium severity, and exploitation requires chaining with another attack vector.
What immediate steps should I take to mitigate this vulnerability?
Upgrade the google_sign_in gem to version 1.3.1 or later, as this version contains the patch for the vulnerability. There are no workarounds available.