Currently, when pgAdmin is running in server mode and user opens the pgAdmin URL, it opens login page with redirect URL to /browser of pgAdmin using next param.
The vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The text was updated successfully, but these errors were encountered:
Currently, when pgAdmin is running in server mode and user opens the pgAdmin URL, it opens login page with redirect URL to /browser of pgAdmin using
nextparam.The vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The text was updated successfully, but these errors were encountered: