Moderate severity · NVD Advisory · Published Jan 17, 2023 · Updated Apr 3, 2025
CVE-2023-22298
Description
Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having the user access a specially crafted URL.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| pgadmin4 (PyPI) | < 6.14 | 6.14 |
Affected products
- Range: versions prior to v6.14
References
- github.com/advisories/GHSA-894c-rg7f-3c62 (ghsa, ADVISORY)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHY2B25YHIIFQ3G44TR7NNEST7FJGJPH/ (mitre, vendor-advisory)
- nvd.nist.gov/vuln/detail/CVE-2023-22298 (ghsa, ADVISORY)
- github.com/pgadmin-org/pgadmin4/issues/5343 (ghsa, WEB)
- jvn.jp/en/jp/JVN03832974/index.html (ghsa, WEB)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHY2B25YHIIFQ3G44TR7NNEST7FJGJPH (ghsa, WEB)
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHY2B25YHIIFQ3G44TR7NNEST7FJGJPH (ghsa, WEB)
- www.pgadmin.org (ghsa, WEB)
- www.pgadmin.org (mitre)