Description
Open redirection vulnerability in the latest demo version of the Cradle eCommerce platform. The vulnerability occurs in the login form endpoint, where the ‘returnUrl’ parameter allows redirection because the web application accepts a URL as a parameter without properly validating it. As a result, it is possible to redirect users from the legitimate website to external pages. An attacker could exploit this vulnerability to deceive users and redirect them from a trusted URL to a malicious one without their knowledge.
Published: 2026-05-08
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An open‑redirection flaw exists in the login form endpoint of the latest demo version of the Cradle eCommerce platform. The ‘returnUrl’ parameter is accepted without proper validation, allowing an attacker to craft a link that redirects users from a legitimate site to any external URL. This can be used to deceive users into visiting malicious sites that may host phishing or malware. The vulnerability does not produce immediate code execution or data exfiltration, but it undermines user trust and can facilitate credential‑phishing campaigns.

Affected Systems

The affected product is Cradle eCommerce by Cradle. The flaw manifests in the demo deployment version’s login form. Only the eCommerce component is impacted; the associated CMS is not affected because it lacks user accounts and collections.

Risk and Exploitability

The CVSS base score is 5.3, indicating a medium‑severity disclosure. The EPSS score is not provided, and the flaw is not listed in the national KEV catalog. Exploitation requires an attacker to supply a crafted login URL containing the returnUrl parameter, which leads to the redirection. Such an attack path is simple and usually driven by social‑engineering, making the risk moderate but non‑negligible for users who may follow outbound links.

Generated by OpenCVE AI on May 8, 2026 at 12:50 UTC.

Remediation

Vendor Solution

The vulnerabilities have been fixed by the Cradle team in the latest version of Cradle eCommerce. This issue does not affect Cradle CMS, as it does not include products or collections, nor does it have customer accounts for logging in.


OpenCVE Recommended Actions

  • Upgrade Cradle eCommerce to the latest released version that includes the patch for the open‑redirection issue.
  • If an upgrade cannot be performed immediately, configure the application to allow returnUrl only to a whitelist of internal URLs or disable the returnUrl feature entirely.
  • Monitor outbound HTTP redirects originating from the login endpoint to detect suspicious patterns or malicious destinations.
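As an added illustration of the allow-list approach in the second action above (example code, not from Cradle or OpenCVE; the host name and inputs are constructed), a validator that only ever emits a site-relative redirect target:

```python
"""Allow-list validation for a post-login returnUrl parameter (CWE-601)."""
from urllib.parse import urlsplit, urlunsplit

# Constructed allow-list of this site's own hosts (assumption: a real
# deployment would load this from configuration).
ALLOWED_HOSTS = {"shop.example.com"}


def safe_return_url(value, default="/"):
    """Return a redirect target that stays on this site, or `default`.

    Accepted inputs:
      * site-relative paths rooted with exactly one "/" (not "//")
      * absolute http(s) URLs whose host is in ALLOWED_HOSTS
    Anything else (other schemes, foreign hosts, userinfo tricks,
    protocol-relative URLs, control characters, backslashes) yields
    `default`. The result is always re-emitted as path?query#fragment,
    so the scheme and host are never taken from the request.
    """
    if not value or not isinstance(value, str):
        return default
    # Browsers strip whitespace/control characters and treat "\" as "/",
    # which can turn "/\evil.example" into "//evil.example"; reject them.
    if any(ord(c) < 0x21 or c == "\\" for c in value):
        return default
    try:
        parts = urlsplit(value)
    except ValueError:  # e.g. malformed IPv6 literal
        return default
    if parts.scheme or parts.netloc:
        # Absolute or protocol-relative URL: only our own hosts over http(s).
        if parts.scheme not in ("http", "https"):
            return default
        if parts.hostname not in ALLOWED_HOSTS:  # hostname ignores user@
            return default
        path = parts.path or "/"
    else:
        path = parts.path
    # A relative target must be a single-slash-rooted path.
    if not path.startswith("/") or path.startswith("//"):
        return default
    return urlunsplit(("", "", path, parts.query, parts.fragment))


if __name__ == "__main__":
    # Constructed sample values a login endpoint might receive.
    for sample in ("/account/orders?page=2", "https://shop.example.com/cart",
                   "//evil.example/phish", "https://shop.example.com@evil.example/",
                   "javascript:alert(1)", "account"):
        print(f"{sample!r:45} -> {safe_return_url(sample)!r}")
```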

Generated by OpenCVE AI on May 8, 2026 at 12:50 UTC.

Advisories

No advisories yet.

History

Fri, 08 May 2026 13:15:00 +0000

Type: Metrics (ssvc)
Values removed: (none)
Values added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 08 May 2026 11:45:00 +0000

Type: Description
Values removed: (none)
Values added: Open redirection vulnerability in the latest demo version of the Cradle eCommerce platform. The vulnerability occurs in the login form endpoint, where the ‘returnUrl’ parameter allows redirection because the web application accepts a URL as a parameter without properly validating it. As a result, it is possible to redirect users from the legitimate website to external pages. An attacker could exploit this vulnerability to deceive users and redirect them from a trusted URL to a malicious one without their knowledge.

Type: Title
Values removed: (none)
Values added: Multiple vulnerabilities in Cradle e-commerce

Type: Weaknesses
Values removed: (none)
Values added: CWE-601

Type: References
Values removed: (none)
Values added: (none)

Type: Metrics (cvssV4_0)
Values removed: (none)
Values added: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N'}


MITRE

Status: PUBLISHED

Assigner: INCIBE

Published:

Updated: 2026-05-08T12:46:32.745Z

Reserved: 2026-02-27T10:16:09.822Z

Link: CVE-2026-3318

Vulnrichment

Updated: 2026-05-08T12:46:29.683Z

NVD

Status: Received

Published: 2026-05-08T12:16:29.323

Modified: 2026-05-08T12:16:29.323

Link: CVE-2026-3318

Red Hat

No data.

OpenCVE Enrichment

Updated: 2026-05-08T13:00:10Z

Weaknesses