Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
url redirect vulnerability in xoops25-2.5.8 #523
When xoops_redirect is not a full https url, the defence will be bypassed.
Credit: ADLab of Venustech
Addition: this vulnerability also affected "XOOPS 2.5.9 Release Candidate 2" with "User Profile" module .