URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache Software Foundation Apache Helix UI component.This issue affects Apache Helix all releases from 0.8.0 to and including 1.0.4. Solution: removed the the forward component since it was improper designed for UI embedding. User please upgrade to 1.1.0 to fix this issue.

Affected Packages

Maven org.apache.helix:helix

Affected versions: 0.8.0 (fixed in 1.1.0)

Related CVEs

CVE-2022-47500

Key Information

GHSA ID

GHSA-mhxg-2xf7-4xwx

Published

December 19, 2022 12:30 PM

Last Modified

December 27, 2022 1:02 AM

CVSS Score

5.0 /10

Primary Ecosystem

Maven

Primary Package

org.apache.helix:helix

GitHub Reviewed

✓ Yes

Dataset

Last updated: July 28, 2025 6:37 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.