CVE-2024-21641
Summary: CVE-2024-21641 affects Flarum versions before 1.8.5, where the /logout redirect parameter can be abused to redirect users to arbitrary links within a trusted domain, enabling open redirects. Impact: Unauthenticated users could be redirected by a trusted Flarum instance; for logged-in use...