Search HackerFeeds

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 contain a server-side open redirect vulnerability in navigateTo that fails to properly validate path-norm

matched in description · 2026-06-22

An unvalidated redirect was contained in Venueless' social login functionality and could be exploited for phishing using trusted domains.

matched in description · 2026-06-22

Capgo before 12.128.2 contains an open redirect vulnerability in the confirm-signup endpoint that allows attackers to redirect users to arbitrary external websi

matched in description · 2026-06-20

Capgo before 12.128.2 contains an open redirect vulnerability in stripe_portal and stripe_checkout endpoints that accept unvalidated callbackUrl, successUrl, an

matched in description · 2026-06-20

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache APISIX. The default configuration of cas-auth in Apache APISIX is vulnerable to phi

matched in description · 2026-06-19

Open redirect in pgAdmin 4's multi-factor authentication flow. The MFA validate and register endpoints honoured the user-supplied 'next' query/form parameter wi

matched in description · 2026-06-19

Stored cross-site scripting in pgAdmin 4's error-rendering and plan-node-rendering paths. Text returned by a PostgreSQL server (ErrorResponse messages, includin

matched in description · 2026-06-19