GHSA-xrj3-vmwr-69x4Medium

Open redirection vulnerability due to insufficient validation of the X-Forwarded-Host HTTP header...

Published
June 17, 2026
Last Modified
June 17, 2026

🔗 CVE IDs covered (1)

📋 Description

Open redirection vulnerability due to insufficient validation of the X-Forwarded-Host HTTP header. An attacker could create manipulated links that, when opened by a victim, cause the victim to be redirected to domains controlled by the attacker, enabling phishing or deception attacks with limited impact on confidentiality and integrity.

🔗 References (3)