permalinks_controller.rb
Severity: Critical
Discovered 3 months ago
Source: static code analysis
Category: Redirect
Confidence level: High

Problem

Possible unprotected redirect

Location

app/controllers/permalinks_controller.rb:14

redirect_to(Permalink.find_by_url(request.fullpath).target_url, :status => :moved_permanently)

Category description: redirect_to is being called with a value that the scanner could not resolve to a constant. If any part of that value can be influenced by the request (a complete URL, a protocol-relative "//host" path, or a :host option), an attacker can craft a link on this site that sends the victim's browser to a host of the attacker's choosing (an open redirect), which is typically used for phishing or for capturing tokens carried in the follow-on request. The redirect does not load a script into this site's pages; the risk is the destination. The finding only holds when the value is genuinely request-derived: a value read from a site setting or from a database row that only administrators can write sits behind a different trust boundary, and establishing where the value comes from is the first step in triaging each finding below.

Solution: fix the issue in app/controllers/permalinks_controller.rb or mark it as false positive.

application_controller.rb
Severity: Critical
Discovered 3 months ago
Source: static code analysis
Category: Redirect
Confidence level: High

Problem

Possible unprotected redirect

Location

app/controllers/application_controller.rb:579

redirect_to(Permalink.find_by_url(path).target_url, :status => :moved_permanently)

Solution: fix the issue in app/controllers/application_controller.rb or mark it as false positive.

static_controller.rb
Severity: Critical
Discovered 3 months ago
Source: static code analysis
Category: Redirect
Confidence level: High

Problem

Possible unprotected redirect

Location

app/controllers/static_controller.rb:32

redirect_to(SiteSetting.get(map[params[:id]][:redirect]))

Solution: fix the issue in app/controllers/static_controller.rb or mark it as false positive.

tags_controller.rb
Severity: Critical
Discovered 3 months ago
Source: static code analysis
Category: Redirect
Confidence level: High

Problem

Possible unprotected redirect

Location

app/controllers/tags_controller.rb:376

redirect_to("#{Discourse.base_path}/tags#{Permalink.find_by_url("c/#{params[:category_slug_path_with_id]}").target_url}/#{params[:tag_id]}", :status => :moved_permanently)

Solution: fix the issue in app/controllers/tags_controller.rb or mark it as false positive.

session_controller.rb
Severity: Critical
Discovered 3 months ago
Source: static code analysis
Category: Redirect
Confidence level: High

Problem

Possible unprotected redirect

Location

app/controllers/session_controller.rb:188

redirect_to(SiteSetting.discourse_connect_not_approved_url)

Solution: fix the issue in app/controllers/session_controller.rb or mark it as false positive.

users_controller.rb
Severity: Critical
Discovered 3 months ago
Source: static code analysis
Category: Redirect
Confidence level: High

Problem

Possible unprotected redirect

Location

app/controllers/users_controller.rb:939

redirect_to(cookies.delete(:destination_url))

Solution: fix the issue in app/controllers/users_controller.rb or mark it as false positive.
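Of the findings so far, this is the one where the destination is plainly client-controlled: a cookie value is passed straight to redirect_to, and cookies can be planted by the user or by anything able to set cookies for the site's domain. The following validator is an added example, not Discourse's code, showing how a cookie- or parameter-sourced destination can be reduced to a path on the application's own host before it reaches redirect_to. The host list (forum.example.test) and the sample cookie values are constructed for the example; the same check applies to any of the redirect targets above whose source turns out to be writable by non-administrators.

```ruby
# Added example (not Discourse's code): validate a redirect destination that
# arrives from a cookie or request parameter, as in
# redirect_to(cookies.delete(:destination_url)), before handing it to redirect_to.
require "uri"

module SafeRedirect
  # Hosts this application serves; constructed for the example.
  OWN_HOSTS = %w[forum.example.test].freeze

  # Returns a path on this application (query and fragment preserved),
  # or nil when the candidate must not be used as a redirect target.
  def self.local_target(candidate, own_hosts: OWN_HOSTS)
    return nil unless candidate.is_a?(String)

    value = candidate.strip
    return nil if value.empty?
    # CR/LF or other control characters: header splitting, second Location header.
    return nil if value.match?(/[\x00-\x1f\x7f]/)
    # Browsers read a leading "//" or "/\" as protocol-relative, i.e. a new host.
    return nil if value.start_with?("//", "/\\")

    uri =
      begin
        URI.parse(value)
      rescue URI::InvalidURIError
        return nil
      end

    if uri.scheme
      # Absolute URL: only http(s) on one of our own hosts is acceptable, and
      # even then only its path is kept so the Location header never names a host.
      # Note that "https://forum.example.test@evil.example/" parses with host
      # evil.example, so the userinfo trick is rejected here as well.
      return nil unless %w[http https].include?(uri.scheme.downcase)
      return nil unless own_hosts.include?(uri.host.to_s.downcase)
    elsif uri.host
      # Scheme-less value with an authority part: never a local path.
      return nil
    end

    path = uri.path.to_s
    path = "/" if path.empty?
    # Relative paths such as "foo" resolve against the current URL; require absolute.
    return nil unless path.start_with?("/")

    target = path
    target += "?#{uri.query}" if uri.query
    target += "##{uri.fragment}" if uri.fragment
    target
  end

  # Falls back to a known-safe default instead of nil, which is the value a
  # controller would actually pass to redirect_to.
  def self.target_or_default(candidate, default: "/", own_hosts: OWN_HOSTS)
    local_target(candidate, own_hosts: own_hosts) || default
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed cookie values an attacker might plant, next to benign ones.
  [
    "/t/welcome-to-the-forum/1?u=alice",
    "https://forum.example.test/t/welcome-to-the-forum/1",
    "//evil.example/phish",
    "/\\evil.example",
    "https://evil.example/",
    "https://forum.example.test@evil.example/",
    "http:/evil.example",
    "javascript:alert(1)",
    "/login\r\nSet-Cookie: a=b",
  ].each do |cookie_value|
    puts "#{cookie_value.inspect} => #{SafeRedirect.target_or_default(cookie_value).inspect}"
  end
end
```

"http:/evil.example" (single slash) is rejected on purpose: Ruby's URI parser sees a host-less path, but browsers following a Location header treat it as http://evil.example/. Rails 7 and later also offer url_from and the raise_on_open_redirects setting for the same purpose; the explicit check above is what to use when the allowed hosts are not simply the request's own host.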

invites_controller.rb
Severity: Critical
Discovered 3 months ago
Source: static code analysis
Category: Redirect
Confidence level: High

Problem

Possible unprotected redirect

Location

app/controllers/invites_controller.rb:42

redirect_to(Invite.find_by(:invite_key => params[:id]).topics.first.url)

Solution: fix the issue in app/controllers/invites_controller.rb or mark it as false positive.

users_controller.rb
Severity: Moderate
Discovered 3 months ago
Source: static code analysis
Category: Redirect
Confidence level: Weak

Problem

Possible unprotected redirect

Location

app/controllers/users_controller.rb:986

redirect_to(((session_sso_provider_url + "?") + cookies.delete(:sso_payload)))

Solution: fix the issue in app/controllers/users_controller.rb or mark it as false positive.

users_controller.rb
Severity: Moderate
Discovered 3 months ago
Source: static code analysis
Category: Redirect
Confidence level: Weak

Problem

Possible unprotected redirect

Location

app/controllers/users_controller.rb:937

redirect_to(((session_sso_provider_url + "?") + cookies.delete(:sso_payload)))

Solution: fix the issue in app/controllers/users_controller.rb or mark it as false positive.

svg_sprite_controller.rb
Severity: Moderate
Discovered 3 months ago
Source: static code analysis
Category: Redirect
Confidence level: Weak

Problem

Possible unprotected redirect

Location

app/controllers/svg_sprite_controller.rb:18

redirect_to(UrlHelper.absolute(SvgSprite.path(params[:theme_id].to_i)))

Solution: fix the issue in app/controllers/svg_sprite_controller.rb or mark it as false positive.

posts_controller.rb
Severity: Moderate
Discovered 3 months ago
Source: static code analysis
Category: Redirect
Confidence level: Weak

Problem

Possible unprotected redirect

Location

app/controllers/posts_controller.rb:162

redirect_to(path(Post.find(params[:post_id].to_i).url))

Solution: fix the issue in app/controllers/posts_controller.rb or mark it as false positive.