2 matches found
PT-2025-39385
Name of the Vulnerable Software and Affected Versions: Lobe Chat versions prior to 1.130.1
Description: Lobe Chat, an open-source artificial intelligence chat framework, has an issue in its OIDC redirect handling logic. The logic builds the redirect URL’s host and protocol using the X-Forwarded-Hos...
CVE-2024-41801
OpenProject prior to 14.3.0 is affected by an open redirect/phishing vulnerability caused by accepting forged HOST headers in default packaged installations with the Login required setting. The issue could allow redirection to a remote host when HOST/X-Forwarded-Host headers are not correctly fix...