A vulnerability was found in Zitadel up to 2.70.11/2.71.10/3.2.1. It has been classified as problematic. This affects an unknown part. The manipulation of the argument Forwarded/X-Forwarded-Host leads to open redirect.
This vulnerability is uniquely identified as CVE-2025-48936. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.