{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-57821", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-08-20T14:30:35.011Z", "datePublished": "2025-08-27T16:32:36.284Z", "dateUpdated": "2025-08-27T18:53:03.636Z"}, "containers": {"cna": {"title": "Basecamp's Google Sign-In for Rails allowed redirects to a malformed URL", "problemTypes": [{"descriptions": [{"cweId": "CWE-601", "lang": "en", "description": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/basecamp/google_sign_in/security/advisories/GHSA-7pwc-wh6m-44q3", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/basecamp/google_sign_in/security/advisories/GHSA-7pwc-wh6m-44q3"}, {"name": "https://github.com/basecamp/google_sign_in/pull/73", "tags": ["x_refsource_MISC"], "url": "https://github.com/basecamp/google_sign_in/pull/73"}, {"name": "https://github.com/basecamp/google_sign_in/commit/85903651201257d4f14b97d4582e6d968ac32f15", "tags": ["x_refsource_MISC"], "url": "https://github.com/basecamp/google_sign_in/commit/85903651201257d4f14b97d4582e6d968ac32f15"}, {"name": "https://github.com/basecamp/google_sign_in/releases/tag/v1.3.0", "tags": ["x_refsource_MISC"], "url": "https://github.com/basecamp/google_sign_in/releases/tag/v1.3.0"}], "affected": [{"vendor": "basecamp", "product": "google_sign_in", "versions": [{"version": "< 1.3.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-08-27T16:32:36.284Z"}, "descriptions": [{"lang": "en", "value": "Basecamp's Google Sign-In adds Google sign-in to Rails applications. Prior to version 1.3.0, it is possible to craft a malformed URL that passes the \"same origin\" check, resulting in the user being redirected to another origin. Rails applications configured to store the flash information in a session cookie may be vulnerable, if this can be chained with an attack that allows injection of arbitrary data into the session cookie. This issue has been patched in version 1.3.0. If upgrading is not possible at this time, a way to mitigate the chained attack can be done by explicitly setting SameSite=Lax or SameSite=Strict on the application session cookie."}], "source": {"advisory": "GHSA-7pwc-wh6m-44q3", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-27T18:52:45.946842Z", "id": "CVE-2025-57821", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-27T18:53:03.636Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-57821", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-27T18:52:45.946842Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-27T17:11:44.185Z"}}], "cna": {"title": "Basecamp's Google Sign-In for Rails allowed redirects to a malformed URL", "source": {"advisory": "GHSA-7pwc-wh6m-44q3", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.2, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "basecamp", "product": "google_sign_in", "versions": [{"status": "affected", "version": "< 1.3.0"}]}], "references": [{"url": "https://github.com/basecamp/google_sign_in/security/advisories/GHSA-7pwc-wh6m-44q3", "name": "https://github.com/basecamp/google_sign_in/security/advisories/GHSA-7pwc-wh6m-44q3", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/basecamp/google_sign_in/pull/73", "name": "https://github.com/basecamp/google_sign_in/pull/73", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/basecamp/google_sign_in/commit/85903651201257d4f14b97d4582e6d968ac32f15", "name": "https://github.com/basecamp/google_sign_in/commit/85903651201257d4f14b97d4582e6d968ac32f15", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/basecamp/google_sign_in/releases/tag/v1.3.0", "name": "https://github.com/basecamp/google_sign_in/releases/tag/v1.3.0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Basecamp's Google Sign-In adds Google sign-in to Rails applications. Prior to version 1.3.0, it is possible to craft a malformed URL that passes the \"same origin\" check, resulting in the user being redirected to another origin. Rails applications configured to store the flash information in a session cookie may be vulnerable, if this can be chained with an attack that allows injection of arbitrary data into the session cookie. This issue has been patched in version 1.3.0. If upgrading is not possible at this time, a way to mitigate the chained attack can be done by explicitly setting SameSite=Lax or SameSite=Strict on the application session cookie."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-601", "description": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-08-27T16:32:36.284Z"}}}, "cveMetadata": {"cveId": "CVE-2025-57821", "state": "PUBLISHED", "dateUpdated": "2025-08-27T18:53:03.636Z", "dateReserved": "2025-08-20T14:30:35.011Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-08-27T16:32:36.284Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Basecamp's Google Sign-In adds Google sign-in to Rails applications. Prior to version 1.3.0, it is possible to craft a malformed URL that passes the \"same origin\" check, resulting in the user being redirected to another origin. Rails applications configured to store the flash information in a session cookie may be vulnerable, if this can be chained with an attack that allows injection of arbitrary data into the session cookie. This issue has been patched in version 1.3.0. If upgrading is not possible at this time, a way to mitigate the chained attack can be done by explicitly setting SameSite=Lax or SameSite=Strict on the application session cookie."}, {"lang": "es", "value": "El inicio de sesi\u00f3n de Google de Basecamp incorpora el inicio de sesi\u00f3n de Google a las aplicaciones Rails. Antes de la versi\u00f3n 1.3.0, era posible manipular una URL mal formada que superara la comprobaci\u00f3n de \"mismo origen\", lo que provocaba que el usuario fuera redirigido a otro origen. Las aplicaciones Rails configuradas para almacenar la informaci\u00f3n flash en una cookie de sesi\u00f3n pueden ser vulnerables si esto se combina con un ataque que permita la inyecci\u00f3n de datos arbitrarios en la cookie de sesi\u00f3n. Este problema se ha corregido en la versi\u00f3n 1.3.0. Si la actualizaci\u00f3n no es posible en este momento, se puede mitigar el ataque encadenado configurando expl\u00edcitamente SameSite=Lax o SameSite=Strict en la cookie de sesi\u00f3n de la aplicaci\u00f3n."}], "id": "CVE-2025-57821", "lastModified": "2025-08-29T16:24:09.860", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 2.5, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-08-27T17:15:48.057", "references": [{"source": "[email protected]", "url": "https://github.com/basecamp/google_sign_in/commit/85903651201257d4f14b97d4582e6d968ac32f15"}, {"source": "[email protected]", "url": "https://github.com/basecamp/google_sign_in/pull/73"}, {"source": "[email protected]", "url": "https://github.com/basecamp/google_sign_in/releases/tag/v1.3.0"}, {"source": "[email protected]", "url": "https://github.com/basecamp/google_sign_in/security/advisories/GHSA-7pwc-wh6m-44q3"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "[email protected]", "type": "Primary"}]}

{}