CVE-2018-14474
CVE-2018-14474 affects Orange Forum 1.4.0, with an open redirect in views/auth.go triggered by the next parameter to /login or /signup. The vulnerability allows an attacker to redirect users to a malicious site, potentially enabling phishing or credential theft. Several connected sources (e.g., N...