You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: advisories/github-reviewed/2025/12/GHSA-vfm5-cr22-jg3m/GHSA-vfm5-cr22-jg3m.json
+30-4Lines changed: 30 additions & 4 deletions
Original file line number
Diff line number
Diff line change
@@ -1,19 +1,40 @@
1
1
{
2
2
"schema_version": "1.4.0",
3
3
"id": "GHSA-vfm5-cr22-jg3m",
4
-
"modified": "2025-12-16T21:30:54Z",
4
+
"modified": "2025-12-16T23:12:33Z",
5
5
"published": "2025-12-16T18:31:35Z",
6
6
"aliases": [
7
7
"CVE-2025-65581"
8
8
],
9
+
"summary": "ABP Account Module has an Open Redirect through Improper validation in its register function",
9
10
"details": "An open redirect vulnerability exists in the Account module in Volosoft ABP Framework >= 5.1.0 and < 10.0.0-rc.2. Improper validation of the returnUrl parameter in the register function allows an attacker to redirect users to arbitrary external domains.",
![advisory-database[bot]](https://avatars.githubusercontent.com/in/21409?v=4&size=40){kind=avatar}
0 commit comments