Description
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback endpoints on Gradio apps with OAuth enabled (i.e. apps running on Hugging Face Spaces with gr.LoginButton). Starting in version 6.6.0, the _target_url parameter is sanitized to only use the path, query, and fragment, stripping any scheme or host.
Published: 2026-02-27
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Open Redirect
Action: Patch
AI Analysis

Impact

Gradio’s _redirect_to_target function accepted an unvalidated target_url query parameter in its OAuth flow, creating a CWE‑601 open‑redirect weakness that allows a user who visits the /logout or /login/callback endpoint to be redirected to any external site. This exposure can be used for phishing, credential‑stealing, or other social‑engineering attacks.

Affected Systems

Gradio, the open‑source Python package for quick prototyping, is vulnerable in all releases prior to version 6.6.0 that enable OAuth, such as Hugging Face Spaces using gr.LoginButton. Versions 6.6.0 and later include a fix that strips any scheme or host from the target URL, leaving only its path, query, and fragment.

Risk and Exploitability

The CVSS score of 4.3 indicates a low overall severity, and the EPSS score is below 1 %, suggesting a low probability of exploitation. The vulnerability exists on the public endpoints of Gradio apps; an attacker can simply embed a malicious redirect in a link to the /logout or /login/callback endpoint, driving unsuspecting users to a crafted URL. Since the issue is not listed in KEV, there have been no confirmed wide‑scale exploits at this point.

Generated by OpenCVE AI on April 17, 2026 at 13:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Gradio to version 6.6.0 or newer, which sanitizes the redirect target in OAuth flows.
  • Verify that the OAuth endpoints now reject URLs containing a scheme or host by testing with a target like https://malicious.com.
  • If an upgrade cannot be performed, disable OAuth in the application or restrict the _target_url parameter to trusted domains only.

Generated by OpenCVE AI on April 17, 2026 at 13:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-pfjf-5gxr-995x Gradio has an Open Redirect in its OAuth Flow
History

Thu, 05 Mar 2026 13:15:00 +0000

Type Values Removed Values Added
First Time appeared Gradio Project
Gradio Project gradio
CPEs cpe:2.3:a:gradio_project:gradio:*:*:*:*:*:python:*:*
Vendors & Products Gradio Project
Gradio Project gradio

Mon, 02 Mar 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 02 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Gradio-app
Gradio-app gradio
Vendors & Products Gradio-app
Gradio-app gradio
References
Metrics threat_severity

None

 threat_severity

Moderate

Fri, 27 Feb 2026 22:00:00 +0000

Type Values Removed Values Added
Description Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback endpoints on Gradio apps with OAuth enabled (i.e. apps running on Hugging Face Spaces with gr.LoginButton). Starting in version 6.6.0, the _target_url parameter is sanitized to only use the path, query, and fragment, stripping any scheme or host.
Title Gradio has Open Redirect in OAuth Flow
Weaknesses CWE-200
CWE-284
CWE-330
CWE-601
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N'}

Subscriptions

Gradio-app Gradio
Gradio Project Gradio
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-02T21:55:38.664Z

Reserved: 2026-02-27T15:33:57.289Z

Link: CVE-2026-28415

cve-icon Vulnrichment

Updated: 2026-03-02T21:55:34.975Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-27T22:16:24.497

Modified: 2026-03-05T13:06:31.743

Link: CVE-2026-28415

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-02-27T21:44:51Z

Links: CVE-2026-28415 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T14:00:15Z

Weaknesses