CVE-2024-46326 identifies an open redirect vulnerability in the Public Knowledge Project's pkp-lib software, versions 3.4.0-7 and earlier. The vulnerability stems from a lack of proper input sanitization in the logout function, which accepts a URL parameter that can be manipulated to redirect users to arbitrary external websites. This flaw falls under CWE-601 (Open Redirect) and can be exploited remotely without authentication, but requires user interaction, such as clicking a crafted logout link. The CVSS v3.1 base score is 6.1, reflecting a medium severity level due to the network attack vector, low attack complexity, no privileges required, but requiring user interaction. The vulnerability impacts confidentiality and integrity by enabling attackers to redirect users to malicious sites, potentially facilitating phishing attacks, credential theft, or session hijacking. There is no impact on availability. No public exploits have been reported yet, but the vulnerability poses a risk to academic publishing platforms and research institutions relying on pkp-lib. The lack of patch links suggests that a fix may not yet be publicly available, emphasizing the need for immediate mitigation steps.

The open redirect vulnerability can be leveraged by attackers to redirect users to malicious websites, which may lead to phishing, social engineering, or session hijacking attacks. This undermines user trust and can compromise user credentials or sensitive information, impacting confidentiality and integrity. Organizations using pkp-lib in academic publishing or research contexts could see reputational damage and potential data breaches if attackers exploit this vulnerability. Although the vulnerability does not affect system availability, the indirect consequences of successful phishing or credential theft can be severe, including unauthorized access to internal systems or data exfiltration. The medium CVSS score reflects a moderate risk, but the widespread use of pkp-lib in scholarly communication platforms increases the potential attack surface globally.

Organizations should immediately review and sanitize all input parameters related to URL redirection in the logout function to ensure only trusted URLs are accepted. Implement strict allowlists for redirect destinations and reject or neutralize any unrecognized or external URLs. Monitor user activity for suspicious logout URL patterns and educate users to avoid clicking on unexpected logout links. Stay alert for official patches or updates from the Public Knowledge Project and apply them promptly once available. In the interim, consider disabling or restricting the logout redirect feature if feasible. Employ web application firewalls (WAFs) to detect and block malicious redirect attempts. Conduct regular security assessments and code reviews focusing on input validation to prevent similar vulnerabilities.