GHSA-xrj3-vmwr-69x4Medium
Open redirection vulnerability due to insufficient validation of the X-Forwarded-Host HTTP header...
🔗 CVE IDs covered (1)
📋 Description
Open redirection vulnerability due to insufficient validation of the X-Forwarded-Host HTTP header. An attacker could create manipulated links that, when opened by a victim, cause the victim to be redirected to domains controlled by the attacker, enabling phishing or deception attacks with limited impact on confidentiality and integrity.