CVE-2025-65581
The CVE-2025-65581 entry documents an open redirect in Volosoft ABP Framework’s Account module, affecting versions 5.1.0 up to but not including 10.0.0-rc.2. The root cause is improper validation of the returnUrl parameter in the register function, allowing redirects to arbitrary external domains...