CNNVD-202511-1669 Information

CNNVD ID

CNNVD-202511-1669

Related CVE

CVE-2025-64716

• CNNVD Published: 2025-11-13

Description (Chinese)

Anubis是Xe Iaso个人开发者的一个工具。 Anubis 1.23.0之前版本存在输入验证错误漏洞，该漏洞源于子请求身份验证未验证重定向URL，可能导致重定向到任意URL方案。

Description (English)

Anubis is a tool for Xe Iaso personal developers. The pre-Anubis version had an input authentication error loophole, which originated from the sub-requested unverified re-directed URL, which could lead to a redirection to any URL program.

Hazard Level

High

Vulnerability Type

输入验证错误

Affected Vendor

个人开发者

Published

2025-11-13

Last Modified

2026-02-24

References

https://github.com/TecharoHQ/anubis/commit/7ed1753fcced351c81961bf520a7bfb2caac6e88 https://github.com/TecharoHQ/anubis/security/advisories/GHSA-cf57-c578-7jvv https://pkg.go.dev/vuln/GO-2025-4086

Patch

https://github.com/TecharoHQ/anubis/releases