CNNVD-202512-2250 Information
Dec 11, 2025
cve
CNNVD ID
CNNVD-202512-2250
Related CVE
- CNNVD Published: 2025-12-11
Description (Chinese)
Miniflux是Miniflux开源的一个极简主义的提要阅读器。 Miniflux 2 2.2.14及之前版本存在输入验证错误漏洞,该漏洞源于redirect_url验证不足,可能导致登录后钓鱼攻击。
Description (English)
Miniflux is a very concise, short-cut reader of the Miniflux open source. Miniflux 2 2.2.14 and previous versions had input validation error holes, which stemmed from inadequate validation of redirect url and could lead to post-entry fishing attacks.
Hazard Level
High
Vulnerability Type
输入验证错误
Affected Vendor
Miniflux
Published
2025-12-11
Last Modified
2026-02-24
References
https://github.com/miniflux/v2/commit/76df99f3a3db234cf6b312be5e771485213d03c7 https://github.com/miniflux/v2/security/advisories/GHSA-wqv2-4wpg-8hc9
Patch
https://miniflux.app/releases.html
Share on: