CVE-2025-62379 | reflex up to 0.8.14 Environment Variable /auth-codespace redirect_to (GHSA-rfh5-c9h5-q8jm)

Inserito da Angelo Barbosa | Ott 15, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in reflex up to 0.8.14. Impacted is an unknown function of the file /auth-codespace of the component Environment Variable Handler. Performing manipulation of the argument redirect_to results in open redirect.

This vulnerability is reported as CVE-2025-62379. The attack is possible to be carried out remotely. No exploit exists.

It is advisable to upgrade the affected component.

CVE-2025-62379 | reflex up to 0.8.14 Environment Variable /auth-codespace redirect_to (GHSA-rfh5-c9h5-q8jm)

Post correlati

CVE-2024-9493 | Silabs ToolStick up to 2.60.1 uncontrolled search path

CVE-2023-52094 | Trend Micro Apex One Security Agent Security Agent Updater link following

CVE-2025-0565 | ZZCMS 2023 /index.php id sql injection

CVE-2023-38042 | Ivanti Secure Access Client up to 22.7 on Windows Local Privilege Escalation