1378 matches found
EUVD-2026-40419
Invoice Ninja through 5.13.26 contains an open redirect vulnerability in the client portal login that allows unauthenticated attackers to redirect authenticated victims to attacker-controlled external URLs by injecting a malicious value into the intended query parameter. Attackers can craft a...
CVE-2026-57533
Malicious HTML content could be injected into the page pretix shows when redirection to an untrusted page occurs. Since this page has a Content-Security-Policy, this can mainly be used for phishing purposes...
CVE-2026-57533
Malicious HTML content could be injected into the page pretix shows when redirection to an untrusted page occurs. Since this page has a Content-Security-Policy, this can mainly be used for phishing purposes...
CVE-2026-57533
Technical details (affected product/version/root cause/patch) are not publicly provided in the supplied documents. Monitor for updates.
CVE-2026-47693
Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 are vulnerable to CSV Injection Formula Injection in its log export functionality. User-controlled data — specifically the username field — is written to exported CSV files without sanitizing...
CVE-2026-47693
CVE-2026-47693 details (Poweradmin) : Poweradmin, a web-based DNS admin tool for PowerDNS, is vulnerable to CSV Injection in its log export endpoints. User-supplied data (notably the username) is written to exported CSVs without sanitizing formula trigger characters (=, +, -, @). When an admin ex...
CVE-2026-47693
Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 are vulnerable to CSV Injection Formula Injection in its log export functionality. User-controlled data — specifically the username field — is written to exported CSV files without sanitizing...
Gogs has an Open Redirect via redirect_to
Summary An open redirect vulnerability exists in Gogs where attacker-controlled redirectto parameters can bypass validation, allowing redirection to arbitrary external sites. Details All redirects in Gogs that are validated via the IsSameSite function are vulnerable: go func IsSameSiteurl string...
CVE-2026-4983
Open VSX Registry does not sanitize SVG files uploaded as extension icons prior to storage, and serves them with Content-Type: image/svg+xml without security headers such as Content-Security-Policy or Content-Disposition: attachment. This allows an attacker to publish an extension with a maliciou...
PT-2026-51621
Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.3 Description An open redirect issue exists where attacker-controlled redirect to parameters can bypass validation, allowing redirection to arbitrary external sites. This occurs in all redirects validated via the...
CVE-2026-56697
Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass the script-protocol check but resolve to a cross-origin URL against the current page protocol. Attackers can inject paths like //evil.com to redirect...
CVE-2026-56697 Nuxt - Open Redirect via Protocol-Relative Paths in reloadNuxtApp
Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass the script-protocol check but resolve to a cross-origin URL against the current page protocol. Attackers can inject paths like //evil.com to redirect...
CVE-2026-56326
Nuxt.js (versions 4.0.0–4.4.6 and 3.x up to 3.21.6) contains a server-side open redirect vulnerability in navigateTo due to improper validation of path-normalized payloads (e.g., /..//evil.com, /.//evil.com). Attackers can bypass external-host checks via path-normalization techniques to redirect ...
CVE-2026-56326 Nuxt - Server-Side Open Redirect via Path-Normalization Bypass in navigateTo
Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 contain a server-side open redirect vulnerability in navigateTo that fails to properly validate path-normalized payloads like /..//evil.com and /.//evil.com. Attackers can bypass external-host checks using path-normalization techniques to...
EUVD-2026-38375
Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 contain a server-side open redirect vulnerability in navigateTo that fails to properly validate path-normalized payloads like /..//evil.com and /.//evil.com. Attackers can bypass external-host checks using path-normalization techniques to...
EUVD-2026-38221
An unvalidated redirect was contained in Venueless' social login functionality and could be exploited for phishing using trusted domains...
CVE-2026-56332
Capgo
EUVD-2026-38127
Capgo before 12.128.2 contains an open redirect vulnerability in the confirm-signup endpoint that allows attackers to redirect users to arbitrary external websites. The confirmationurl parameter is not validated, enabling attackers to craft malicious links for phishing and credential harvesting...
EUVD-2026-38018
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Apache APISIX. The default configuration of cas-auth in Apache APISIX is vulnerable to phishing and credential theft. This issue affects Apache APISIX: from 3.0.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0,...
CVE-2026-44915
CVE-2026-44915 is an Open Redirect vulnerability in Apache APISIX related to the cas-auth plugin in its default configuration. The issue affects Apache APISIX versions 3.0.0 through 3.16.0 and could enable phishing and credential theft. Apache recommends upgrading to version 3.17.0, which contain...