PT-2026-41962
Summary navigateTo with external: true generates a server-side HTML redirect body containing a tag. The destination URL is only sanitized by replacing " with %22, leaving , &, and ' unencoded. An attacker who can influence the URL passed to navigateTo(url, { external: true }) can break out of the...
CVE-2026-1628
Mattermost Desktop App versions =5.13.3 fail to attach listeners restricting navigation to external sites within the Mattermost app which allows a malicious server to expose preload script functionality to untrusted servers via having a user open an external link in their Mattermost server...
EUVD-2026-9174
Mattermost Desktop App versions =5.13.3 fail to attach listeners restricting navigation to external sites within the Mattermost app which allows a malicious server to expose preload script functionality to untrusted servers via having a user open an external link in their Mattermost server...
GHSA-3HMW-8MW3-RMPJ NocoDB has Unvalidated Redirect in Login Flow via continueAfterSignIn Parameter
Summary An unvalidated redirect (open redirect) vulnerability exists in NocoDB's login flow due to missing validation of the continueAfterSignIn parameter. During authentication, NocoDB processes a user-controlled redirect value and conditionally performs client-side navigation without enforcing an...
CVE-2025-68470 React Router has unexpected external redirect via untrusted paths
React Router is a router for React. In versions 6.0.0 through 6.30.1 and 7.0.0 through 7.9.5, an attacker-supplied path can be crafted so that when a React Router application navigates to it via navigate, , or redirect, the app performs a navigation/redirect to an external URL. This is only an...
CVE-2025-62595
KoaJS CVE-2025-62595 affects Koa until patched: versions 2.16.2 through 2.16.2.x before 2.16.3 and 3.0.1 through 3.0.2.x before 3.0.3 are vulnerable to a Referer header bypass that can force user redirects to external sites via the back redirect in the HTTP header handling. Root cause: some crafted URLs are treated ...
SAP Fiori Security Vulnerability
SAP Fiori, a user experience (UX) design system for SAP applications from SAP, Germany, provides designers and developers with a set of tools and guidelines to quickly develop applications for any platform, delivering a consistent, innovative experience for creators and users. A security...
SUSE CVE-2016-5097
phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs...
Drupal External Link Injection Vulnerability
Drupal core is a free, open source content management system developed in PHP and maintained by the Drupal community. A security vulnerability exists in version 7.x of Drupal core prior to 7.57. An attacker could exploit this vulnerability to navigate users to an external website...
DEBIAN-CVE-2016-5097
phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs...
CVE-2016-5097
phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs...