Gradio has an Open Redirect in its OAuth Flow
GHSA-pfjf-5gxr-995x · CVE-2026-28415 · PYSEC-2026-65
Description
Summary
The _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback endpoints on Gradio apps with OAuth enabled (i.e. apps running on Hugging Face Spaces with gr.LoginButton).
Details
    from starlette.responses import RedirectResponse

    def _redirect_to_target(request, default_target="/"):
        # The parameter is used verbatim, so an absolute URL goes straight into the Location header
        target = request.query_params.get("_target_url", default_target)
        return RedirectResponse(target)  # No validation
An attacker can craft a URL like https://my-space.hf.space/logout?_target_url=https://evil.com/phishing that redirects the user to an external site after logout. Because the link itself points at a trusted hf.space domain, users are more likely to trust and click it.
Impact
Phishing — an attacker can use the trusted domain to redirect users to a malicious site. No direct data exposure or server-side impact.
Fix
The _target_url parameter is now sanitized to only use the path, query, and fragment, stripping any scheme or host.
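The following is an added example for this page, not Gradio's code: it places a reconstruction of the vulnerable helper next to a hardened one that reduces the parameter to path, query and fragment as the fix describes. It takes a plain mapping instead of a Starlette Request (a real handler would pass request.query_params) and goes slightly beyond the advisory text by also folding backslashes and collapsing leading slashes, two variants that browsers interpret as external even though a naive parser sees only a path. The inputs are constructed for this example.

```python
from urllib.parse import urlsplit

# Constructed inputs an attacker (or a legitimate caller) might send in
# ?_target_url=... ; they illustrate this page and are not cases from the advisory.
SAMPLE_TARGETS = [
    "https://evil.com/phishing",  # absolute URL: the advisory's case
    "//evil.com/phishing",        # protocol-relative URL
    "////evil.com/phishing",      # extra slashes survive urlsplit as a path
    "/\\evil.com/phishing",       # backslash: browsers treat it as '/'
    "http:evil.com",              # scheme without an authority part
    "/chat?tab=1#top",            # legitimate same-origin target
    "",                           # empty value: fall back to the default
]


def redirect_target_vulnerable(query_params, default_target="/"):
    """Hypothetical reconstruction of the pattern the advisory describes:
    the parameter is returned unvalidated."""
    return query_params.get("_target_url", default_target)


def sanitize_target(target, default_target="/"):
    """Reduce a user-supplied redirect target to a same-origin path/query/fragment."""
    if not isinstance(target, str) or not target.strip():
        return default_target
    # Browsers treat '\' as '/' in http(s) URLs, so fold it before parsing;
    # otherwise '/\evil.com' parses as a path and then renders as '//evil.com'.
    folded = target.replace("\\", "/")
    # urlsplit puts any scheme and host into their own fields; both are discarded.
    parts = urlsplit(folded)
    # Force exactly one leading slash: collapses '////evil.com' (path '//evil.com',
    # which a browser reads as protocol-relative) and makes a bare 'foo' absolute.
    path = "/" + parts.path.lstrip("/")
    result = path
    if parts.query:
        result += "?" + parts.query
    if parts.fragment:
        result += "#" + parts.fragment
    return result


def redirect_target_hardened(query_params, default_target="/"):
    """Drop-in replacement for the vulnerable helper (hypothetical name)."""
    raw = query_params.get("_target_url", default_target)
    return sanitize_target(raw, default_target)


def is_same_origin(target):
    """True if a browser would resolve `target` against the current origin."""
    folded = target.replace("\\", "/")
    parts = urlsplit(folded)
    return parts.scheme == "" and parts.netloc == "" and not folded.startswith("//")


def compare(targets=SAMPLE_TARGETS):
    """Return (raw, vulnerable_result, hardened_result) for each sample target."""
    rows = []
    for raw in targets:
        params = {"_target_url": raw}
        rows.append((raw, redirect_target_vulnerable(params), redirect_target_hardened(params)))
    return rows


if __name__ == "__main__":
    for raw, vuln, safe in compare():
        print(f"{raw!r:28} vulnerable -> {vuln!r:28} hardened -> {safe!r}")
```

Forcing a single leading slash means a relative value such as foo becomes /foo rather than resolving against the current path; that is a deliberate trade-off in this example, since the redirect targets in the advisory are all absolute paths on the app's own origin.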
References
- WEB https://github.com/gradio-app/gradio/security/advisories/GHSA-pfjf-5gxr-995x
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2026-28415
- WEB https://github.com/gradio-app/gradio/commit/dfee0da06d0aa94b3c2684131e7898d5d5c1911e
- PACKAGE https://github.com/gradio-app/gradio
- WEB https://github.com/gradio-app/gradio/releases/tag/gradio%406.6.0
- WEB https://github.com/pypa/advisory-database/tree/main/vulns/gradio/PYSEC-2026-65.yaml