CVE-2024-43794: Insecure Url Path Extraction Split

Provally Curated | Public repository | Medium | Medium confidence | Verified | Apache-2.0 | JS
greprules fetch cve-2024-43794-insecure-url-path-extraction-split --engine opengrep

Description

Extracting a URL path by splitting on '?' ignores URL fragments ('#'). This can allow an attacker to bypass prefix-based path validation (e.g., checking if it starts with '/') by hiding payloads in the fragment or using URL-encoded whitespace, leading to vulnerabilities such as Open Redirect or SSRF. Use a robust URL parser (like `new URL()`) or ensure both
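
The mismatch described above, shown as an added example (not code from the rule or from any affected project): the flagged split-on-'?' extraction next to a parser-based check built on `new URL()`. The `BASE` origin, the function names and the sample inputs are constructed for illustration.

```javascript
// Added illustration. BASE is an assumed application origin.
const BASE = 'https://app.example';

// Pattern the rule flags: everything before the first '?' is treated as
// the path, so a '#fragment' (and any '?' inside it) stays in the "path".
function naivePath(url) {
  return url.split('?')[0];
}

// Prefix-only validation built on the naive extraction.
function naiveIsLocal(url) {
  return naivePath(url).startsWith('/');
}

// Hardened form: the WHATWG URL parser separates path, query and fragment.
// The target is resolved against BASE and accepted only if it stays on
// BASE's origin; the fragment is dropped from the returned value.
function safeRedirectPath(input) {
  if (typeof input !== 'string') return null;
  let parsed;
  try {
    parsed = new URL(input, BASE);
  } catch {
    return null; // unparsable input is rejected, not passed through
  }
  if (parsed.origin !== new URL(BASE).origin) return null;
  return parsed.pathname + parsed.search;
}

// Constructed sample inputs: compare what each approach sees as the path.
function compare(samples) {
  return samples.map((s) => ({
    input: s,
    naive: naivePath(s),
    parsed: safeRedirectPath(s),
  }));
}

console.table(compare([
  '/home?x=1#tab',               // query before fragment: both agree on '/home'
  '/home#tab?x=1',               // '?' inside the fragment: naive keeps '#tab'
  '/reports%20q1#view',          // encoded whitespace stays encoded in the path
  'https://other.example/home',  // different origin: rejected by the parser check
]));
```

Validation and the later redirect or request should both consume the value returned by `safeRedirectPath`, so the string that was checked is the string that is used.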