PT-2026-39883

Name of the Vulnerable Software and Affected Versions MantisBT affected versions not specified Description Improper escaping of the redirection page, which is retrieved from the Referer header of the request, allows an attacker to inject HTML. In certain server configurations, this can lead to...

Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017504)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017504 advisory. curl 7.1.1 to and including 7.75.0 is vulnerable to an Exposure of Private Personal Information to an Unauthorized Actor by leaking credentials in the HTTP Referer:...

Snipe-IT has an open redirect vulnerability

Open redirect vulnerability in Snipe-IT allows attackers to redirect users to malicious sites via unvalidated HTTP Referer header stored in session variable. Impact - Phishing: Redirect users to fake login pages to steal credentials - Session Hijacking: Redirect to attacker site that captures...

GHSA-JP94-3292-C3XV Devise has an Open Redirect via Unvalidated `request.referrer` in Timeoutable Session Timeout Handler

Summary When the Timeoutable module is enabled in Devise, the FailureAppredirecturl method returns request.referrer — the HTTP Referer header, which is attacker-controllable — without validation for any non-GET request that results in a session timeout. An attacker who hosts a page with an...

PT-2026-39165

Summary When the Timeoutable module is enabled in Devise, the FailureAppredirect url method returns request.referrer — the HTTP Referer header, which is attacker-controllable — without validation for any non-GET request that results in a session timeout. An attacker who hosts a page with an...

Devise has an Open Redirect via Unvalidated `request.referrer` in Timeoutable Session Timeout Handler

Summary When the Timeoutable module is enabled in Devise, the FailureAppredirecturl method returns request.referrer — the HTTP Referer header, which is attacker-controllable — without validation for any non-GET request that results in a session timeout. An attacker who hosts a page with an...

PT-2026-39182

Name of the Vulnerable Software and Affected Versions Devise versions 5.0.3 and earlier Description When the Timeoutable module is enabled, the FailureAppredirect url method returns the request.referrer the HTTP Referer header without validation for any non-GET request that results in a session...

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect via the trainerlogin function. An attacker can redirect a user's browser to an external, attacker-controlled URL by supplying a crafted next parameter, potentially exposing sensitive information such as the original URL...

Exploit for Authentication Bypass Using an Alternate Path or Channel in Frangoteam Fuxa

CVE-2025-69985: Exploit para Autenticación Bypass a RCE en FUX...

Exploit for Authentication Bypass Using an Alternate Path or Channel in Frangoteam Fuxa

CVE-2025-69985: FUXA ≤ 1.2.8 Authentication Bypass + RCE Explo...

VulnCheck KEV: CVE-2025-69985

FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution RCE. The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trusts the HTTP "Referer" header to validate internal requests. A remote unauthenticated attacker can...

goshs 安全漏洞

Goshs is a simple HTTP server developed by Patrick Hener using Go language. Versions of Goshs 2.0.0-beta.4 to 2.0.0-beta.5 contain security vulnerabilities. These vulnerabilities stem from HTTP GET routes that involve state changes, lacking CSRF, Origin, or Referer validation. This could allow...

CVE-2026-40255

AdonisJS HTTP Server is a package for handling HTTP requests in the AdonisJS framework. In @adonisjs/http-server versions prior to 7.8.1 and 8.0.0-next.0 through 8.1.3, and @adonisjs/core versions prior to 7.4.0, the response.redirect.back method reads the Referer header from the incoming HTTP...

CVE-2026-40255

Summary: CVE-2026-40255 is an open redirect vulnerability in @adonisjs/http-server and related core versions. The issue arises when response.redirect().back() reads the Referer header and redirects without validating the host, enabling attackers to redirect users to external sites if they can inf...

CVE-2026-40255

AdonisJS HTTP Server is a package for handling HTTP requests in the AdonisJS framework. In @adonisjs/http-server versions prior to 7.8.1 and 8.0.0-next.0 through 8.1.3, and @adonisjs/core versions prior to 7.4.0, the response.redirect.back method reads the Referer header from the incoming HTTP...

CVE-2026-40255 @adonisjs/http-server has an Open Redirect vulnerability

AdonisJS HTTP Server is a package for handling HTTP requests in the AdonisJS framework. In @adonisjs/http-server versions prior to 7.8.1 and 8.0.0-next.0 through 8.1.3, and @adonisjs/core versions prior to 7.4.0, the response.redirect.back method reads the Referer header from the incoming HTTP...

CVE-2026-40255 @adonisjs/http-server has an Open Redirect vulnerability

AdonisJS HTTP Server is a package for handling HTTP requests in the AdonisJS framework. In @adonisjs/http-server versions prior to 7.8.1 and 8.0.0-next.0 through 8.1.3, and @adonisjs/core versions prior to 7.4.0, the response.redirect.back method reads the Referer header from the incoming HTTP...

@adonisjs/http-server 安全漏洞

@adonisjs/http-server is an HTTP server framework based on Node.js, open-sourced by the AdonisJS Framework. Versions of @adonisjs/http-server prior to 7.8.1, as well as versions 8.0.0-next.0 to 8.1.3, along with @adonisjs/core version 7.4.0 and earlier, have security vulnerabilities. These...

@adonisjs/http-server has an Open Redirect vulnerability

Impact The response.redirect.back method in @adonisjs/http-server is vulnerable to open redirects. The method reads the Referer header from the incoming HTTP request and redirects to that URL without validating the host. An attacker who can influence the Referer header for example, by linking a...

Open Redirect

Overview @adonisjs/http-server is an AdonisJS HTTP server with support packed with Routing and Cookies Affected versions of this package are vulnerable to Open Redirect via the response.redirect.back function. An attacker can redirect users to malicious external sites by manipulating the Referer...