EUVD-2026-29492
GHSA-39wp-j2gg-h44j
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
4DescriptionNVD
LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects.
On a 3xx response, the redirect handler strips only Host and Cookie before issuing the follow-up request. Caller-supplied Authorization and Proxy-Authorization headers are sent unchanged to the redirect target, including across scheme, host, or port changes.
A redirect to an attacker controlled host therefore discloses the caller's credentials to that host.
AnalysisAI
Credential leakage in LWP::UserAgent before 6.83 (Perl) exposes Authorization and Proxy-Authorization headers to attacker-controlled redirect targets across cross-origin 3xx redirects. The library's redirect handler stripped only Host and Cookie on follow-up requests, leaving credential headers intact even when the redirect crossed a scheme, host, or port boundary. …
Sign in for full analysis, threat intelligence, and remediation guidance.
More from same product – last 7 days
Command injection in the shell-quote npm package allows attackers who can influence object-token inputs to inject arbitr
Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers
Vendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today