Key information

Vulnerability title: Open redirect in user_saml via RelayState parameter
CVE ID: CVE-2024-22400
GHSA ID: GHSA-622q-xhfr-xmv7
Published: Jan 18, 2024
Severity: Low (3.1 / 10)
Affected versions: >= 5.0.0, >= 5.1.0, >= 5.2.0, >= 6.0.0
Patched versions: 5.1.5, 5.2.5, 6.0.1

CVSS v3 base metrics:
Attack vector: Network
Attack complexity: High
Privileges required: None
User interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability: None

Impact: Users can be given a link to the Nextcloud instance and end up on an uncontrolled third-party server.

Remediation: It is recommended that the User SAML app is upgraded to 5.1.5, 5.2.5 or 6.0.1.

Workarounds: No workaround available.

References: HackerOne, Pull Request

More details: If you have any questions or comments about this advisory, create a post in nextcloud/security-advisories. Customers: open a support ticket at portal.nextcloud.com.

Credits: Ry0tak (Reporter)
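The class of bug described in the impact statement is an open redirect: a SAML RelayState value is echoed into a post-login redirect without being checked, so a crafted link sends the user from the trusted Nextcloud host to an arbitrary site. The following is an added illustration of the defensive check a service provider needs before honouring RelayState; it is example code written for this page, not the user_saml app's own code or the fix referenced in the advisory. The trusted host `cloud.example.com`, the function names and the sample RelayState values are all constructed assumptions.

```python
from urllib.parse import urlsplit

# Constructed assumption: the hostname of our own Nextcloud instance.
TRUSTED_HOST = "cloud.example.com"


def is_safe_relay_state(relay_state: str, trusted_host: str = TRUSTED_HOST) -> bool:
    """Return True only if relay_state is a local path or an https URL on our own host.

    Anything else (other hosts, scheme-relative //host, userinfo tricks,
    non-http schemes, backslash or control-character variants) is rejected,
    because a redirect to it would leave the trusted origin.
    """
    if not relay_state:
        return False

    # Whitespace/control characters are stripped or ignored by some URL
    # parsers, and browsers normalise backslashes to forward slashes
    # ("/\\evil.example" becomes "//evil.example"), so refuse them outright
    # instead of trying to reason about how each client would interpret them.
    if "\\" in relay_state or any(ord(ch) < 0x21 for ch in relay_state):
        return False

    parts = urlsplit(relay_state)

    if parts.scheme or parts.netloc:
        # Absolute (or scheme-relative) URL: allow only https on exactly our host.
        # Comparing the whole netloc also rejects "trusted@evil.example" and
        # unexpected ports rather than trying to pick them apart.
        return parts.scheme == "https" and parts.netloc.lower() == trusted_host.lower()

    # Relative reference: must be an absolute path on this origin, and not
    # "//..." which browsers treat as a different host.
    return relay_state.startswith("/") and not relay_state.startswith("//")


def resolve_redirect_target(relay_state: str, fallback: str = "/") -> str:
    """Pick the post-login destination: the RelayState if safe, else a fixed local page."""
    return relay_state if is_safe_relay_state(relay_state) else fallback


if __name__ == "__main__":
    # Constructed sample RelayState values a service provider might receive.
    samples = [
        "/apps/files",
        "https://cloud.example.com/apps/files",
        "https://evil.example/",
        "//evil.example/",
        "/\\evil.example",
        "javascript:alert(1)",
        "https://cloud.example.com@evil.example/",
    ]
    for s in samples:
        print(f"{s!r:45} -> {resolve_redirect_target(s)}")
```

The deny-by-default shape matters more than the individual checks: the redirect target is either a local path, a URL on the one known host, or a fixed fallback page. Detection-wise, login requests whose RelayState carries a foreign host or a scheme-relative prefix are worth alerting on, since a legitimate IdP round trip has no reason to produce them.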