CVE-2025-61782 | OpenCTI up to 6.8.2 SAML Authentication Endpoint /auth/saml/callback RelayState redirect (GHSA-jc3f-c62g-v7qw)

Inserito da Angelo Barbosa | Gen 7, 2026 | CVE

A vulnerability categorized as problematic has been discovered in OpenCTI up to 6.8.2. This vulnerability affects unknown code of the file /auth/saml/callback of the component SAML Authentication Endpoint. Such manipulation of the argument RelayState leads to open redirect.

This vulnerability is traded as CVE-2025-61782. The attack may be launched remotely. There is no exploit available.

It is advisable to upgrade the affected component.

CVE-2025-61782 | OpenCTI up to 6.8.2 SAML Authentication Endpoint /auth/saml/callback RelayState redirect (GHSA-jc3f-c62g-v7qw)

Post correlati

CVE-2024-28188 | Jupyter Scheduler prior 1.1.6/1.2.1/1.8.2/2.5.2 Conda Environment information disclosure (GHSA-v9g2-g7j4-4jxc)

CVE-2022-34270 | RWS WorldServer up to 11.7.2 UserWSUserManager access control

CVE-2022-49515 | Linux Kernel up to 5.17.13/5.18.2 cs35l41-lib.c cs35l41_otp_unpack out-of-bounds

CVE-2024-28623 | RiteCMS 3.0.0 Edit Section cross site scripting