gradio-file-redirect: Gradio - Open Redirect
Vulnerability Description
An open redirect vulnerability in Gradio allows attackers to craft malicious URLs that redirect users to external, potentially harmful sites without proper validation. [Publicly disclosed]

id: gradio-file-redirect

info:
  name: Gradio - Open Redirect
  author: neo-ai-engineer,DhiyaneshDk
  severity: low
  description: |
    An open redirect vulnerability in Gradio allows attackers to craft malicious URLs that redirect users to external, potentially harmful sites without proper validation.
  metadata:
    verified: true
    max-request: 2
    fofa-query: "Gradio"
  tags: gradio,redirect,vuln,oos

http:
  - method: GET
    path:
      - "{{BaseURL}}/gradio_api/file=http://example.com"
      - "{{BaseURL}}/file=http://example.com"

    stop-at-first-match: true
    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$'
# digest: 4a0a0047304502206bb24ee9877fa496a94d1aefe4cc8e7fae7a5c2e41ee99f4735655006c131f45022100bc730a2225d51df2c0ddc50f6c1fa38c3e139a0fdae1ea21078c2511c3bf541c:922c64590222798bb761d5b6d8e72950

Source: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/gradio-file-redirect.yaml
Affected Scope
Unknown
Remediation Advice
None available
References