CNNVD-202510-4192 Information

CNNVD ID

CNNVD-202510-4192

Related CVE

CVE-2025-64116

• CNNVD Published: 2025-10-30

Description (Chinese)

Movary是Lee Peuker个人开发者的一个影评程序。 Movary 0.69.0之前版本存在输入验证错误漏洞，该漏洞源于登录页面未验证重定向参数，可能导致重定向攻击。

Description (English)

Movary is a film evaluation program for Lee Peuker’s personal developer. The previous version of Movary 0.69.0 had an input validation error loophole, which originated from the failure to verify re-direction parameters on the login page and could lead to a re-direction attack.

Hazard Level

Medium

Vulnerability Type

输入验证错误

Affected Vendor

个人开发者

Published

2025-10-30

Last Modified

2026-02-24

References

https://github.com/leepeuker/movary/commit/716f703b4464ffdb0365c406f3660d275495769f https://github.com/leepeuker/movary/pull/713 https://github.com/leepeuker/movary/security/advisories/GHSA-7q72-x26x-7f8g

Patch

https://github.com/leepeuker/movary/releases