4.3
Gradio OAuth logout URL can redirect to malicious sites
CVE-2026-28415
GHSA-pfjf-5gxr-995x
Summary
Gradio's OAuth logout and login callback features can be tricked into redirecting users to external, untrusted websites, potentially exposing them to phishing attacks. Affected Gradio apps on Hugging Face Spaces should update to the latest version to prevent this. Users should be cautious when clicking on links from trusted domains that may be trying to trick them into visiting malicious sites.
What to do
- Update gradio to version 6.6.0.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | gradio | <= 6.6.0 | 6.6.0 |
| gradio_project | gradio | <= 6.6.0 | – |
Original title
Gradio has an Open Redirect in its OAuth Flow
Original description
# Summary
The _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback endpoints on Gradio apps with OAuth enabled (i.e. apps running on Hugging Face Spaces with gr.LoginButton).
## Details
```python
from fastapi.responses import RedirectResponse  # import added so the snippet runs; not shown in the advisory


def _redirect_to_target(request, default_target="/"):
    # Vulnerable as shipped: the user-controlled _target_url query parameter is
    # handed straight to RedirectResponse, so any absolute URL is honoured.
    target = request.query_params.get("_target_url", default_target)
    return RedirectResponse(target)  # No validation
```
An attacker can craft a URL like https://my-space.hf.space/logout?_target_url=https://evil.com/phishing that redirects the user to an external site after logout. Because the URL originates from a trusted hf.space domain, users are more likely to trust the link.
## Impact
Phishing — an attacker can use the trusted domain to redirect users to a malicious site. No direct data exposure or server-side impact.
## Fix
The _target_url parameter is now sanitized to only use the path, query, and fragment, stripping any scheme or host.
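The hardening the fix describes (keep only the path, query and fragment of `_target_url`, drop any scheme or host), as an added Python example that is not Gradio's own code from the referenced commit. The helper name `sanitize_target_url`, the `redirect_location` wrapper and the plain dict standing in for `request.query_params` are assumptions. It also covers two edge cases the one-line fix description does not spell out: protocol-relative targets (`//host/...`) and backslash variants that browsers normalise to slashes, both of which would otherwise reintroduce an external host.

```python
from urllib.parse import urlsplit, urlunsplit


def sanitize_target_url(target: str, default: str = "/") -> str:
    """Reduce a user-supplied redirect target to a same-origin path.

    Only the path, query and fragment survive; scheme and host are dropped,
    so "https://evil.com/phishing" becomes "/phishing". (Hypothetical helper,
    not Gradio's code.)
    """
    if not target:
        return default
    # Browsers treat backslashes in the authority position like slashes
    # ("/\evil.com" -> "//evil.com"), so normalise them before parsing.
    cleaned = target.strip().replace("\\", "/")
    parts = urlsplit(cleaned)
    # parts.scheme and parts.netloc are discarded entirely.
    path = parts.path or "/"
    if not path.startswith("/"):
        path = "/" + path
    # A leading "//" (or more) is read as a protocol-relative URL and would
    # point at another host; collapse it to a single slash.
    while path.startswith("//"):
        path = path[1:]
    return urlunsplit(("", "", path, parts.query, parts.fragment))


def redirect_location(query_params: dict, default_target: str = "/") -> str:
    """Hardened counterpart of the advisory's _redirect_to_target().

    Returns the value to place in the Location header. `query_params` is a
    plain dict here, standing in for request.query_params (an assumption so
    the example runs without a web framework).
    """
    raw = query_params.get("_target_url", default_target)
    return sanitize_target_url(raw, default_target)


if __name__ == "__main__":
    # Constructed inputs: the advisory's example plus a few variants.
    samples = [
        {"_target_url": "https://evil.com/phishing"},
        {"_target_url": "//evil.com/phishing"},
        {"_target_url": "/\\evil.com"},
        {"_target_url": "/dashboard?tab=1#top"},
        {},
    ]
    for q in samples:
        shown = q.get("_target_url", "<absent>")
        print(f"{shown!r:32} -> {redirect_location(q)!r}")
```

Rebuilding the target from parsed components, rather than rejecting strings that "look external", is the safer design: there is no allowlist to maintain and no parser-differential to get wrong, because whatever the input, the resulting `Location` is always a path on the app's own origin.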
NVD CVSS 3.1: 4.7
Vulnerability type
- CWE-200 Information Exposure
- CWE-284 Improper Access Control
- CWE-330 Use of Insufficiently Random Values
- CWE-601 Open Redirect
- https://nvd.nist.gov/vuln/detail/CVE-2026-28415
- https://github.com/gradio-app/gradio/commit/dfee0da06d0aa94b3c2684131e7898d5d5c1...
- https://github.com/gradio-app/gradio/releases/tag/gradio%406.6.0
- https://github.com/advisories/GHSA-pfjf-5gxr-995x
- https://github.com/gradio-app/gradio/security/advisories/GHSA-pfjf-5gxr-995x Vendor Advisory
Published: 1 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026