Lucene search
K

5 matches found

EUVD
EUVD
added 2026/01/28 8:32 p.m.7 views

EUVD-2026-4870

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.0, an unvalidated redirect open redirect vulnerability exists in NocoDB’s login flow due to missing validation of the continueAfterSignIn parameter. During authentication, NocoDB processes a user-controlled redirect...

7.1CVSS6.3AI score0.00269EPSS
Exploits1References1
OSV
OSV
added 2025/12/11 1:16 a.m.5 views

UBUNTU-CVE-2025-67713

Miniflux 2 is an open source feed reader. Versions 2.2.14 and below treat redirecturl as safe when url.Parse....IsAbs is false, enabling phishing flows after login. Protocol-relative URLs like //ikotaslabs.com have an empty scheme and pass that check, allowing post-login redirects to...

6.1CVSS5.8AI score0.00187EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2025/12/11 12:17 a.m.4 views

CVE-2025-67713

Miniflux 2 is an open source feed reader. Versions 2.2.14 and below treat redirecturl as safe when url.Parse....IsAbs is false, enabling phishing flows after login. Protocol-relative URLs like //ikotaslabs.com have an empty scheme and pass that check, allowing post-login redirects to...

6.1CVSS7.8AI score0.00187EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2025/12/11 12:17 a.m.1 views

CVE-2025-67713 Miniflux 2 has an Open Redirect via protocol-relative `redirect_url`

Miniflux 2 is an open source feed reader. Versions 2.2.14 and below treat redirecturl as safe when url.Parse....IsAbs is false, enabling phishing flows after login. Protocol-relative URLs like //ikotaslabs.com have an empty scheme and pass that check, allowing post-login redirects to...

5.3CVSS6.1AI score0.00187EPSS
Exploits1References2
CVE
CVE
added 2025/12/11 12:17 a.m.26 views

CVE-2025-67713

Miniflux 2 has an Open Redirect due to protocol-relative redirect_url handling. Versions 2.2.14 and earlier treat redirect_url as safe if url.Parse(...).IsAbs() is false, allowing post-login redirects to attacker-controlled sites (e.g., protocol-relative URLs like //ikotaslabs.com). This is fixed...

6.1CVSS6.4AI score0.00187EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder