GHSA-6RX5-M2RC-HMF7 ZITADEL: Stored XSS via Default URI Redirect Leads to Account Takeover
Summary A vulnerability in Zitadel's login V2 interface was discovered, allowing for possible account takeover. Impact Zitadel allows organization administrators to change the default redirect URI for their organization. This setting enables them to redirect users to an arbitrary location after...