4 matches found
CVE-2025-54066 DiracX-Web login page has Open Redirect vulnerability
DiracX-Web is a web application that provides an interface to interact with the DiracX services. Prior to version 0.1.0-a8, an attacker can forge a request that they can pass to redirect an authenticated user to another arbitrary website. In the login page, DiracX-Web has a redirect field which i...
CVE-2025-54066 DiracX-Web login page has Open Redirect vulnerability
DiracX-Web is a web application that provides an interface to interact with the DiracX services. Prior to version 0.1.0-a8, an attacker can forge a request that they can pass to redirect an authenticated user to another arbitrary website. In the login page, DiracX-Web has a redirect field which i...
CVE-2025-54066
DiracX-Web has an Open Redirect vulnerability in versions prior to 0.1.0-a8. The login page’s redirect field accepts an arbitrary URI and is not validated. When combined with parameter pollution, an attacker can cloak a malicious redirect, potentially phishing users and harvesting credentials. Th...
CVE-2025-54066 DiracX-Web login page has Open Redirect vulnerability
DiracX-Web is a web application that provides an interface to interact with the DiracX services. Prior to version 0.1.0-a8, an attacker can forge a request that they can pass to redirect an authenticated user to another arbitrary website. In the login page, DiracX-Web has a redirect field which i...