CVE-2026-14632
Status: Received - Intake

Open Redirect in Ecommerce-CodeIgniter-Bootstrap

Vulnerability report for CVE-2026-14632, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-04

Last updated on: 2026-07-04

Assigner: VulDB

Description

A vulnerability was found in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 95dfa8cebbb87ab46ae450643a07241274a74dce. Affected by this issue is the function setReferrer of the file application/core/MY_Controller.php of the component Trusted Backend Interface. The manipulation of the argument href results in an open redirect. The attack can be executed remotely. The exploit has been made public and could be used. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The patch is identified as 213babdbaa949e94557246414db0130e01394517. A patch should be applied to remediate this issue.


Meta Information

Published: 2026-07-04
Last Modified: 2026-07-04
Generated: 2026-07-04
AI Q&A: 2026-07-04
EPSS Evaluated: N/A

Affected Vendors & Products

Vendor: kirilkirkov
Product: ecommerce-codeigniter-bootstrap
Version / Range: up to and including 95dfa8cebbb87ab46ae450643a07241274a74dce

Exploitability

CWE-601: The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

AI Quick Actions

Executive Summary

This vulnerability is an open redirect issue found in the Ecommerce-CodeIgniter-Bootstrap platform, specifically in the setReferrer function of the Trusted Backend Interface component. It occurs because the application improperly handles the HTTP Referer header, allowing an attacker to manipulate the href argument. This manipulation can cause the application to redirect users to malicious external URLs.

The vulnerability can be exploited remotely without authentication. The attacker injects a malicious URL into the Referer header during the checkout process, which is then stored and later rendered as a clickable link in the administrator's orders page without proper validation or encoding.

This leads to a stored cross-site scripting (XSS) and open redirect vulnerability, enabling attackers to perform phishing or social engineering attacks against administrators by presenting malicious links in a trusted backend interface.

Impact Analysis

The vulnerability can impact you by allowing attackers to inject malicious URLs into the administrator-facing orders page. When administrators view this page, they may be exposed to phishing links or other social engineering attacks embedded within the trusted backend interface.

This can lead to compromised administrator accounts or unauthorized actions if the administrator interacts with the malicious links. Since the attack is stored and persistent, it poses an ongoing risk until the vulnerability is patched.

Additionally, the open redirect aspect can be exploited to redirect users to harmful external sites, potentially leading to further compromise or data theft.

Detection Guidance

This vulnerability involves manipulation of the HTTP Referer header that results in an open redirect and stored URI injection in the administrator-facing orders page. Detection involves monitoring HTTP requests for suspicious or malicious Referer header values, especially those containing unexpected URLs or scripts.

You can detect attempts by inspecting web server logs or capturing HTTP traffic to identify unusual Referer headers.

  • Use command-line tools like curl to simulate requests with suspicious Referer headers, for example: curl -H "Referer: http://malicious.example.com" http://yourserver/admin/orders
  • Use grep or similar tools to search web server logs for suspicious Referer values: grep -i 'Referer' /var/log/apache2/access.log | grep 'http'
  • Use network traffic capture tools like tcpdump or Wireshark to filter HTTP traffic and analyze Referer headers.

Mitigation Strategies

The primary mitigation step is to apply the patch identified by commit 213babdbaa949e94557246414db0130e01394517, which fixes the vulnerability in the setReferrer function.

This patch validates the HTTP Referer scheme to accept only http and https, limits the length of the Referer value, and applies HTML encoding to prevent injection attacks.
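As an added example (not code from the project, its setReferrer function, or the patch itself), the following hypothetical PHP helper applies the three controls just listed to a constructed set of Referer values; the 2048-byte cap and the function names are assumptions.

```php
<?php
// Added example, not the project's setReferrer() or its patch: a hypothetical
// helper for the three controls the advisory attributes to the fix.

// Assumed cap; the advisory does not state the limit the real patch uses.
const REFERRER_MAX_LENGTH = 2048;

// Return a referrer that is safe to persist, or null if it must be dropped.
function sanitizeReferrer(string $raw): ?string
{
    $raw = trim($raw);
    // Length check first, so oversized input never reaches the parser.
    if ($raw === '' || strlen($raw) > REFERRER_MAX_LENGTH) {
        return null;
    }
    // Control characters (CR, LF, NUL) never belong in a URL.
    if (preg_match('/[\x00-\x1F\x7F]/', $raw) === 1) {
        return null;
    }
    $parts = parse_url($raw);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null;
    }
    // Anything other than http/https (javascript:, data:, ...) is rejected.
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return null;
    }
    return $raw;
}

// Encode the stored value at output time, in both the attribute and the text.
function renderReferrerLink(?string $stored): string
{
    if ($stored === null) {
        return '<span>(no referrer)</span>';
    }
    $safe = htmlspecialchars($stored, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<a href="' . $safe . '" rel="noopener noreferrer">' . $safe . '</a>';
}

// Constructed sample Referer values: one valid, three that must be rejected or encoded.
$samples = [
    'https://shop.example/checkout?step=2',
    'javascript:alert(1)',
    'https://evil.example/"><script>x</script>',
    'https://' . str_repeat('a', 4096) . '.example/',
];
foreach ($samples as $s) {
    echo renderReferrerLink(sanitizeReferrer($s)), PHP_EOL;
}
```

The javascript: and overlong values are dropped before storage, while the value carrying markup is kept as a URL but rendered with its quotes and angle brackets encoded, so it cannot break out of the href attribute.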

Until the patch is applied, restrict access to the administrator orders page to trusted users only and monitor for suspicious Referer header activity.

Consider implementing web application firewall (WAF) rules to block or sanitize suspicious Referer headers.

Compliance Impact

The vulnerability allows an attacker to perform an open redirect and stored cross-site scripting (XSS) attacks by injecting malicious URLs into the administrator-facing orders page via the HTTP Referer header. This can lead to phishing or social engineering attacks against administrators.

Such vulnerabilities can impact compliance with regulations such as GDPR and HIPAA because they may lead to unauthorized access to or manipulation of sensitive administrative interfaces, potentially compromising the confidentiality and integrity of personal or protected health information.

Failure to properly validate and sanitize user input, as seen in this vulnerability, can violate requirements for secure processing and protection of data under these regulations.

Applying the provided patch mitigates these risks by validating the Referer header and encoding output to prevent injection attacks, thereby helping maintain compliance with security best practices required by such standards.
