LogoLogo
Home
  • 🍄Mission
  • FAQ
  • Hypha
    • 🌐What is Hypha
    • L1 Staking Architecture
    • How to Stake and Support L1 Chains
    • Hardware Provider Onboarding
    • Running an L1 Node for L1Marketplace
  • GoGoPool
    • Liquid Staking
      • 💧What is Liquid Staking?
      • ⛓️How Liquid Staking Works
      • 💸Yield - APY
      • 📘Guide: How to Stake - Unstake AVAX
      • Liquid Staking
    • Minipool
      • 💦What is Minipool?
      • ⚙️How Minipool Works
      • 💸Yield - APY
      • 🚦Minipool Statuses
      • 🚀How One-Click Launcher Works
      • 🪄Guide: How to Launch a Minipool with One-Click Launcher
      • 🖥️Guide: How to Launch a Minipool using Allnodes
      • ⚒️Guide: How to Launch a Minipool with Manual Setup
      • 🔑Avalanche BLS Keys
      • Launch Minipool
  • Protocol
    • 📚Litepaper
    • 🪙Tokenomics
    • 📐Analytics Explained
    • 🔒Security
      • 🔎Audits
        • 🔐Code4rena Audit
        • 🔐Zellic Audit
        • 🔐Kudelski Security Audit
      • 🕵️Bug Bounty Program
      • ⚠️Vulnerability Reports
    • ⏰Notifications
    • GoGoPool App
  • Technical Information & Brand Assets
    • 📒Contract Addresses
    • 💻API
Powered by GitBook
On this page
  • November 23, 2023 - URL Rewrite
  • Severity - Medium
  • Mitigation
  • Links
Edit on GitHub
  1. Protocol
  2. Security

Vulnerability Reports

Reported Vulnerabilities and Fixes

PreviousBug Bounty ProgramNextNotifications

Last updated 1 year ago

November 23, 2023 - URL Rewrite

Severity - Medium

Reported via the , this vulnerability was discovered by . No user funds were directly at risk. This vulnerability stemmed from an unsanitized input in the Next.js SDK tunnel endpoint, a part of the 'tunnel' feature in Sentry. It would allow attackers to send HTTP requests to arbitrary URLs and reflect the response back to the user. The primary concern was the insufficient restrictions on the 'o' query parameter, which could enable attackers to redirect requests and potentially execute malicious scripts. The vulnerability had the potential to significantly impact users. Malicious actors could exploit it to load pages with scripts in the backend, enabling them to connect to users' Web3 wallets. This could result in unauthorized transactions, registration of fake tokens, or even the rewriting of false airdrop or giveaway pages to siphon user funds.

Mitigation

The problem was mitigated by simply updating the Sentry NextJS Plugin. To mitigate further risk in the future, Sentry is being removed from our frontend site, effectively immediately. We thank 0xTeam for their responsible disclosure and an appropriate bounty will be paid.

Links

🔒
⚠️
GoGoPool Discord
0xTeam
Original Report
Mitigation Commit