2 matches found
CVE-2024-1240 Open Redirection in pyload/pyload
An open redirection vulnerability exists in pyload/pyload version 0.5.0. The vulnerability is due to improper handling of the 'next' parameter in the login functionality. An attacker can exploit this vulnerability to redirect users to malicious sites, which can be used for phishing or other...
CVE-2024-1240
The CVE-2024-1240 entry applies to pyload/pyload 0.5.0, where the login flow mishandles the next parameter, enabling an open redirect to attacker-controlled sites (phishing risk). The issue is mitigated by upgrading to pyload-ng 0.5.0b3.dev79 or later. Connected documents confirm the vulnerable c...