6 matches found
CVE-2025-0970
A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /Account/Login. The manipulation of the argument ReturnUrl leads to open redirect. The attack can be launched remotely. The...
CVE-2025-0970
creationtimestamp| type| source ---|---|--- 2025-02-02 23:15:33+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lha5txb3kr2c 2025-02-03 00:03:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lhaajcduyt2r 2025-02-03 01:05:10+00:00| seen|...
CVE-2025-0970
A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /Account/Login. The manipulation of the argument ReturnUrl leads to open redirect. The attack can be launched remotely. The...
CVE-2025-0970 Zenvia Movidesk Login redirect
A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /Account/Login. The manipulation of the argument ReturnUrl leads to open redirect. The attack can be launched remotely. The...
CVE-2025-0970 Zenvia Movidesk Login redirect
A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /Account/Login. The manipulation of the argument ReturnUrl leads to open redirect. The attack can be launched remotely. The...
CVE-2025-0970
The CVE-2025-0970 entry affects Zenvia Movidesk (up to version 25.01.22) and is caused by an open redirect vulnerability in the /Account/Login endpoint via manipulation of the ReturnUrl parameter. The vulnerability enables remote attackers to redirect users to arbitrary URLs, with user interactio...