CVE-2025-48936 | Zitadel up to 2.70.11/2.71.10/3.2.1 Forwarded/X-Forwarded-Host redirect

Inserito da Angelo Barbosa | Mag 30, 2025 | CVE

A vulnerability was found in Zitadel up to 2.70.11/2.71.10/3.2.1. It has been classified as problematic. This affects an unknown part. The manipulation of the argument Forwarded/X-Forwarded-Host leads to open redirect.

This vulnerability is uniquely identified as CVE-2025-48936. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-48936 | Zitadel up to 2.70.11/2.71.10/3.2.1 Forwarded/X-Forwarded-Host redirect

Post correlati

CVE-2021-46916 | Linux Kernel up to 5.11.15 ixgbe q_vector napi_id null pointer dereference (758d19098df4/31166efb1cee)

CVE-2024-30283 | Adobe Framemaker up to 2020.5/2022.3 out-of-bounds (apsb24-37)

CVE-2024-21463 | Qualcomm Snapdragon Codec2 memory corruption

CVE-2024-36626 | PrestaShop 8.1.4 Tools.php math_round null pointer dereference