EUVD-2026-28465
A reflected HTML injection vulnerability was identified in the GitHub Enterprise Server Management Console login page that could allow credential theft. The redirectto query parameter on the /setup/unlock endpoint was reflected into an HTML attribute without proper sanitization, enabling an...