2 matches found
CVE-2025-9193 TOTVS Portal Meu RH Password Reset redirect
A flaw has been found in TOTVS Portal Meu RH up to 12.1.17. Impacted is an unknown function of the component Password Reset Handler. Executing manipulation of the argument redirectUrl can lead to open redirect. The attack may be performed from a remote location. The exploit has been published and...
PT-2025-33890 · Totvs · Totvs Portal Meu Rh
Name of the Vulnerable Software and Affected Versions: TOTVS Portal Meu RH versions up to 12.1.17 Description: A flaw has been identified in the Password Reset Handler component that may allow for an open redirect. Manipulation of the redirectUrl argument can lead to a redirect to an arbitrary UR...