Lucene search
+L

109 matches found

nuclei
nuclei
added 9 hours ago39 views

SickChill - Open Redirect

SickChill's login endpoint's 'next' parameter accepts arbitrary content, allowing authenticated attackers to perform open redirects, but this was fixed in commit c7128a8946c3701df95c285810eb75b2de18bf82 by redirecting to a default page. id: CVE-2024-53995 info: name: SickChill - Open Redirect...

4.8CVSS6.2AI score0.00951EPSS
Exploits0References6
nvd
nvd
added yesterday5 views

CVE-2026-33213

Redash is a package for data visualization and sharing. From 5.0.2 to 26.3.0, the getnextpath function in Redash's authentication module stripped the scheme and netloc from user-supplied next parameters but did not normalize multiple leading slashes, allowing a crafted login URL such as...

6.1CVSS
Exploits0References2
cve
cve
added yesterday7 views

CVE-2026-33213

Redash vulnerability CVE-2026-33213 affects the data-visualization tool Redash (versions 5.0.2 through 26.3.0). The get_next_path() function in the authentication module strips the scheme and netloc from user-supplied next parameters but does not normalize multiple leading slashes, enabling an op...

6.1CVSS6AI score
Exploits0References2
cvelist
cvelist
added yesterday28 views

CVE-2026-33213 Redash: Open redirect vulnerability in post-login redirect handling

Redash is a package for data visualization and sharing. From 5.0.2 to 26.3.0, the getnextpath function in Redash's authentication module stripped the scheme and netloc from user-supplied next parameters but did not normalize multiple leading slashes, allowing a crafted login URL such as...

6.1CVSS
Exploits0References2
euvd
euvd
added yesterday5 views

EUVD-2026-44686

Redash is a package for data visualization and sharing. From 5.0.2 to 26.3.0, the getnextpath function in Redash's authentication module stripped the scheme and netloc from user-supplied next parameters but did not normalize multiple leading slashes, allowing a crafted login URL such as...

6.1CVSS6AI score
Exploits0References2
osv
osv
added 2026/07/06 9:27 p.m.5 views

GHSA-HMJ5-JM8H-H9FH Kiwi TCMS has an Open Redirect via unvalidated next parameter in account confirmation endpoint

Summary An open redirect vulnerability in the account confirmation endpoint allows an unauthenticated attacker to craft a URL hosted on a legitimate Kiwi TCMS instance that redirects victims to an arbitrary external domain. The attack surface is particularly relevant for phishing campaigns...

6.1CVSS6.1AI score
Exploits0References4
cvelist
cvelist
added 2026/06/18 11:37 p.m.41 views

CVE-2026-12049 pgAdmin 4: Open redirect in multi-factor authentication flow via unvalidated 'next' parameter

Open redirect in pgAdmin 4's multi-factor authentication flow. The MFA validate and register endpoints honoured the user-supplied 'next' query/form parameter without confirming the target pointed back inside pgAdmin, so an authenticated victim who clicked /mfa/validate?next= -- a link typically...

5.3CVSS0.00218EPSS
Exploits0References2
osv
osv
added 2026/06/18 11:37 p.m.2 views

CVE-2026-12049 pgAdmin 4: Open redirect in multi-factor authentication flow via unvalidated 'next' parameter

Open redirect in pgAdmin 4's multi-factor authentication flow. The MFA validate and register endpoints honoured the user-supplied 'next' query/form parameter without confirming the target pointed back inside pgAdmin, so an authenticated victim who clicked /mfa/validate?next= -- a link typically...

5.3CVSS6AI score0.00218EPSS
Exploits0References5
cve
cve
added 2026/06/18 11:37 p.m.41 views

CVE-2026-12049

CVE-2026-12049 affects pgAdmin 4. An open redirect vulnerability exists in the MFA flow where the next parameter is not validated against the current origin, allowing an authenticated user to be redirected to an attacker-controlled host via /mfa/validate?next=… This is a trusted-domain redirect r...

6.1CVSS5.4AI score0.00218EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2026/06/18 5:16 p.m.16 views

CVE-2026-55237

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions prior to 0.6.62 have a DOM-based Cross-Site Scripting XSS vulnerability in AutoGPT's signup page. The application improperly trusts a URL parameter next, which is...

8.8CVSS0.00189EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/18 4:21 p.m.22 views

CVE-2026-55237 AutoGPT SignUp Page has DOM-Based XSS and Open Redirect

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions prior to 0.6.62 have a DOM-based Cross-Site Scripting XSS vulnerability in AutoGPT's signup page. The application improperly trusts a URL parameter next, which is...

8.8CVSS0.00189EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/18 4:21 p.m.10 views

CVE-2026-55237

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions prior to 0.6.62 have a DOM-based Cross-Site Scripting XSS vulnerability in AutoGPT's signup page. The application improperly trusts a URL parameter next, which is...

8.8CVSS5.5AI score0.00189EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2026/06/18 12:0 a.m.13 views

PT-2026-50815

Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions 6.0 through 9.15 Description An open redirect exists in the multi-factor authentication MFA flow. The MFA validate and register endpoints, specifically '/mfa/validate', process the user-supplied next query or form parameter...

5.3CVSS5.8AI score0.00218EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/10 3:36 p.m.10 views

CVE-2026-45566 Roxy-WI: Open redirect on /login?next= via basic-auth userinfo syntax bypass

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the login flow allow-lists next URLs by rejecting strings containing https:// or http:// substrings, then constructs https://request.hostnexturl and the JS client redirects via...

6.1CVSS5.5AI score0.00153EPSS
Exploits0References1
euvd
euvd
added 2026/06/10 3:36 p.m.11 views

EUVD-2026-36063

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the login flow allow-lists next URLs by rejecting strings containing https:// or http:// substrings, then constructs https://request.hostnexturl and the JS client redirects via...

6.1CVSS5.5AI score0.00153EPSS
Exploits0References1
cve
cve
added 2026/06/10 3:36 p.m.20 views

CVE-2026-45566

Roxy-WI unauthenticated login flow flaw (affecting 8.2.6.4 and prior) allows an open redirect via the next parameter. The code rejects strings containing https:// or http:// but then builds https://{request.host}{next_url} and redirects with window.location.replace(), not accounting for userinfo@...

6.1CVSS5.5AI score0.00153EPSS
Exploits0References1
osv
osv
added 2026/06/10 3:36 p.m.2 views

CVE-2026-45566 Roxy-WI: Open redirect on /login?next= via basic-auth userinfo syntax bypass

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the login flow allow-lists next URLs by rejecting strings containing https:// or http:// substrings, then constructs https://request.hostnexturl and the JS client redirects via...

6.1CVSS6AI score0.00153EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/10 12:0 a.m.15 views

PT-2026-48458

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the login flow allow-lists next URLs by rejecting strings containing https:// or http:// substrings, then constructs https://request.hostnext url and the JS client redirects via...

6.1CVSS5.5AI score0.00153EPSS
Exploits0References2
osv
osv
added 2026/06/05 5:40 a.m.9 views

BIT-AIRFLOW-2026-40961 Apache Airflow: Open Redirect Bypass Vulnerability

A bug in the login redirect route in Apache Airflow allowed authenticated users to craft URLs that bypassed the issafeurl check, enabling redirection from a trusted Airflow domain to an attacker-controlled origin. Users are advised to upgrade to apache-airflow 3.2.2 or later. As a defense-in-dept...

7.2CVSS5.5AI score0.00649EPSS
Exploits0References4
cve
cve
added 2026/05/28 5:47 p.m.33 views

CVE-2026-45307

Speakr prior to 0.8.20-alpha is vulnerable to an open redirect via the is_safe_url() helper. The validation used urljoin(request.host_url, target) before parsing, so a scheme-relative input like ////evil.com is resolved to a same-host URL during validation but is emitted verbatim in the Location ...

6.1CVSS5.8AI score0.00153EPSS
Exploits0References1
Rows per page
Query Builder