CVE-2025-0970 | Zenvia Movidesk up to 25.01.22 /Account/Login ReturnUrl redirect

Inserito da Angelo Barbosa | Feb 2, 2025 | CVE

A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /Account/Login. The manipulation of the argument ReturnUrl leads to open redirect.

This vulnerability is known as CVE-2025-0970. The attack can be launched remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2025-0970 | Zenvia Movidesk up to 25.01.22 /Account/Login ReturnUrl redirect

Post correlati

CVE-2024-12713 | SureForms Plugin up to 1.2.2 on WordPress authorization

CVE-2024-13550 | paulrosen ABC Notation Plugin up to 6.1.3 on WordPress Shortcode abcjs path traversal

CVE-2024-37498 | Pauple Table & Contact Form 7 Database Plugin up to 1.0.33 on WordPress information disclosure

CVE-2024-11078 | code-projects Job Recruitment 1.0 /register.php e cross site scripting