exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2025-67713

2 месяца назад

Miniflux 2 is an open source feed reader. Versions 2.2.14 and below treat redirect_url as safe when url.Parse(...).IsAbs() is false, enabling phishing flows after login. Protocol-relative URLs like //ikotaslabs.com have an empty scheme and pass that check, allowing post-login redirects to attacker-controlled sites. This issue is fixed in version 2.2.15.

EPSS: Низкий

CVE-2025-67713

2 месяца назад

Miniflux 2 is an open source feed reader. Versions 2.2.14 and below treat redirect_url as safe when url.Parse(...).IsAbs() is false, enabling phishing flows after login. Protocol-relative URLs like //ikotaslabs.com have an empty scheme and pass that check, allowing post-login redirects to attacker-controlled sites. This issue is fixed in version 2.2.15.

EPSS: Низкий

CVE-2025-67713

2 месяца назад

Miniflux 2 is an open source feed reader. Versions 2.2.14 and below tr ...

EPSS: Низкий

GHSA-wqv2-4wpg-8hc9

2 месяца назад

Miniflux has an Open Redirect via protocol-relative redirect_url

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	EPSS	Опубликовано
CVE-2025-67713 Miniflux 2 is an open source feed reader. Versions 2.2.14 and below treat redirect_url as safe when url.Parse(...).IsAbs() is false, enabling phishing flows after login. Protocol-relative URLs like //ikotaslabs.com have an empty scheme and pass that check, allowing post-login redirects to attacker-controlled sites. This issue is fixed in version 2.2.15.	0% Низкий	2 месяца назад
CVE-2025-67713 Miniflux 2 is an open source feed reader. Versions 2.2.14 and below treat redirect_url as safe when url.Parse(...).IsAbs() is false, enabling phishing flows after login. Protocol-relative URLs like //ikotaslabs.com have an empty scheme and pass that check, allowing post-login redirects to attacker-controlled sites. This issue is fixed in version 2.2.15.	0% Низкий	2 месяца назад
CVE-2025-67713 Miniflux 2 is an open source feed reader. Versions 2.2.14 and below tr ...	0% Низкий	2 месяца назад
GHSA-wqv2-4wpg-8hc9 Miniflux has an Open Redirect via protocol-relative redirect_url	0% Низкий	2 месяца назад

Уязвимостей на страницу