CVE-2026-3049 | horilla-opensource horilla up to 1.0.2 Query Parameter global_search.py get prev_url redirect

Inserito da Angelo Barbosa | Feb 23, 2026 | CVE

A vulnerability labeled as problematic has been found in horilla-opensource horilla up to 1.0.2. This issue affects the function get of the file horilla_generics/global_search.py of the component Query Parameter Handler. The manipulation of the argument prev_url results in open redirect.

This vulnerability is identified as CVE-2026-3049. The attack can be executed remotely. Additionally, an exploit exists.

The affected component should be upgraded.

CVE-2026-3049 | horilla-opensource horilla up to 1.0.2 Query Parameter global_search.py get prev_url redirect

Post correlati

CVE-2023-38369 | IBM Security Verify Access Appliance up to 10.0.6.1 Docker Image weak password (XFDB-261196)

CVE-2025-2812 | Mydata Informatics Ticket Sales Automation prior 03.04.2025 sql injection

CVE-2025-23027 | haydenbleasel next-forge up to 3.0.10 apps/web/.env.example cleartext storage

CVE-2023-46304 | vTiger CRM 7.5.0 Module.php code injection