Summary
CakePHP Authentication: Open redirect weakness via backslash bypass
References
Related vulnerabilities
All Supply chain →- MEDIUMGHSA-J5R2-4C8J-XC3M
Gitea: Open Redirect via redirect_to
- MEDIUMGHSA-C9CV-MQ2M-PPP3
Nuxt: URL-handling weaknesses in `navigateTo` and `reloadNuxtApp`: SSR open redirect, client-side script execution via the `open` option, and protocol-relative bypass in `reloadNuxtApp`
- MEDIUMGHSA-3P42-W5CH-GG42
TYPO3 CMS has an Open Redirect Vulnerability via Core Utilities
- CRITICALGHSA-8FQ9-273G-6MRG
Avo: Missing Authorization in Avo Association Attach Endpoint Allows Unauthorized Relationship Manipulation and Privilege Escalation
- MEDIUMGHSA-X2QC-CMH9-F4HF
Deno: Denial of service via non-ASCII bytes in WebSocket response headers
- CRITICALGHSA-2F55-G35J-5JMF
HAPI FHIR: XXE in XsltUtilities.saxonTransform via unhardened Saxon TransformerFactory