Open Redirect
CVE-2026-44372
MEDIUM
Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2Blast Radius
ecosystem impact- 18 npm packages depend on nitro (11 direct, 7 indirect)
- 760 npm packages depend on nitropack (143 direct, 626 indirect)
Ecosystem-wide dependent count for version 3.0.260429-beta and other introduced versions.
DescriptionGitHub Advisory
A redirect route rule like:
routeRules: {
"/legacy/**": { redirect: "/**" }
}is intended to rewrite paths within the same host. Before the patch, an attacker could turn the rewrite into a cross-host redirect by sliding an extra slash in after the rule prefix. Example exploit:
GET /legacy//evil.comNitro stripped /legacy from the matched pathname and joined the remainder against the rule's target. The remainder was //evil.com, which the join preserved verbatim, so Nitro responded with Location: //evil.com. Browsers resolve //evil.com as a protocol-relative URL against the current scheme, sending the user to https://evil.com.
Are you affected?
Users may be affected if all of the following are true:
- Their project uses Nitro's
routeRuleswith aredirectentry. - The target uses a
/wildcard suffix to forward sub-paths (e.g.redirect: "/",redirect: "/new/",proxy: { to: "http://upstream/" }). - The
redirectrule is _not_ handled natively at the CDN layer. Thevercel,netlify,cloudflare-pages, andedgeonepresets translaterouteRules.redirectinto platform config (vercel.json,_redirects, EdgeOne v3 config) and serve the redirect at the edge - those deployments bypass the Nitro runtime entirely and are not affected. Every other preset executes the redirect through the Nitro runtime and can be vulnerable.
Impact
Open redirect from any host serving Nitro with a wildcard redirect rule. The redirect target is fully attacker-controlled, the URL looks legitimate (it starts with the victim's domain), and the browser silently follows it.
Patched versions
Upgrade to one of:
- 2.13.4 or later (or upgrade lockfile with latest ufo 1.6.4+)
- 3.0.260429-beta or later (https://github.com/nitrojs/nitro/pull/4236)
The fix has two parts:
ufois bumped to^1.6.4(unjs/ufo@5cd9e67), which collapses any run of leading slashes to a single/insidewithoutBase. This covers the typical"/scope/**"rule.- The Nitro runtime additionally collapses leading
//before joining when the rule path itself is/**(in rare case which casewithoutBaseis never called and the raw pathname flows straight intojoinURL("", …)).
Analysis
A redirect route rule like:
routeRules: {
"/legacy/**": { redirect: "/**" }
}is intended to rewrite paths within the same host. Before the patch, an attacker could turn the rewrite into a cross-host redirect by sliding an extra slash in after the rule prefix. Example exploit:
GET /legacy//evil.comNitro stripped /legacy from the matched pathname and joined the remainder against the rule's target. The remainder was //evil.com, which the join preserved verbatim, so Nitro responded with Location: //evil.com. Browsers resolve //evil.com as a protocol-relative URL against the current scheme, sending the user to https://evil.com.
Are you affected?
Users may be affected if all of the following are true:
- Their project uses Nitro's
routeRuleswith aredirectentry. - The target uses a
/wildcard suffix to forward sub-paths (e.g.redirect: "/",redirect: "/new/",proxy: { to: "http://upstream/" }). - The
redirectrule is _not_ handled natively at the CDN layer. Thevercel,netlify,cloudflare-pages, andedgeonepresets translaterouteRules.redirectinto platform config (vercel.json,_redirects, EdgeOne v3 config) and serve the redirect at the edge - those deployments bypass the Nitro runtime entirely and are not affected. Every other preset executes the redirect through the Nitro runtime and can be vulnerable.
Impact
Open redirect from any host serving Nitro with a wildcard redirect rule. The redirect target is fully attacker-controlled, the URL looks legitimate (it starts with the victim's domain), and the browser silently follows it.
Patched versions
Upgrade to one of:
- 2.13.4 or later (or upgrade lockfile with latest ufo 1.6.4+)
- 3.0.260429-beta or later (https://github.com/nitrojs/nitro/pull/4236)
The fix has two parts:
ufois bumped to^1.6.4(unjs/ufo@5cd9e67), which collapses any run of leading slashes to a single/insidewithoutBase. This covers the typical"/scope/**"rule.- The Nitro runtime additionally collapses leading
//before joining when the rule path itself is/**(in rare case which casewithoutBaseis never called and the raw pathname flows straight intojoinURL("", …)).
More in Open Redirect
View allA malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL ca
GFI Kerio Control versions 9.2.5 through 9.4.5 contain an HTTP response splitting vulnerability in the dest parameter of
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect
Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to
Open redirect vulnerability in age-verification.php in the Age Verification plugin 0.4 and earlier for WordPress allows
Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 b
Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (li
Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3
Flarum is open source discussion platform software. Rated medium severity (CVSS 6.5), this vulnerability is remotely exp
Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites
Open redirect vulnerability in the Redirect function in stageshow_redirect.php in the StageShow plugin before 5.0.9 for
Nteract v.0.28.0 was discovered to contain a remote code execution (RCE) vulnerability via the Markdown link. Rated crit
Share
External POC / Exploit Code
Leaving vuln.today
GHSA-9phm-9p8f-hw5m