4 matches found
CVE-2025-59426
Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.130.1, the project's OIDC redirect handling logic constructs the host and protocol of the final redirect URL based on the X-Forwarded-Host or Host headers and the X-Forwarded-Proto value. In deployments where a...
CVE-2025-59426
Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.130.1, the project's OIDC redirect handling logic constructs the host and protocol of the final redirect URL based on the X-Forwarded-Host or Host headers and the X-Forwarded-Proto value. In deployments where a...
CVE-2025-59426 lobe-chat has an Open Redirect
Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.130.1, the project's OIDC redirect handling logic constructs the host and protocol of the final redirect URL based on the X-Forwarded-Host or Host headers and the X-Forwarded-Proto value. In deployments where a...
Lobe Chat Security Vulnerability
Lobe Chat is an open-source, high-performance chatbot framework from LobeHub. A security vulnerability exists in Lobe Chat versions prior to 1.130.1 that stems from the OIDC redirect processing logic constructing redirect URLs based on unvalidated X-Forwarded-Host or Host headers and...