CVE Catalog

CVE-2026-10839

MediumCVSS 5.1
Published: Updated: Translated: NVD NIST

Summary

An open redirection vulnerability in the authentication system allows an attacker to manipulate values in the X-Forwarded-Host header, potentially altering URLs generated by the application.

Risk Assessment

A successful exploit could redirect authenticated users to malicious sites following login procedures or interaction with the interface, resulting in limited impact on confidentiality and integrity.

Recommendation

It is recommended to validate and sanitize the X-Forwarded-Host header values and implement appropriate mechanisms to protect against open redirection.

Original NVD description (English source)

Open redirection vulnerability in the authentication system allows an attacker to use manipulated values in the X-Forwarded-Host header to alter the URLs generated by the application. A successful exploit could redirect authenticated users to malicious sites following login procedures or interaction with the interface, resulting in limited impact on confidentiality and integrity.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS