Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Qwik City Open Redirect via fixTrailingSlash
Vulnerability Description
Qwik is a performance focused javascript framework. Prior to version 1.19.0, an Open Redirect vulnerability in Qwik City's default request handler middleware allows a remote attacker to redirect users to arbitrary protocol-relative URLs. Successful exploitation permits attackers to craft convincing phishing links that appear to originate from the trusted domain but redirect the victim to an attacker-controlled site. This issue has been patched in version 1.19.0.
CVSS Information
N/A
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
Qwik 输入验证错误漏洞
Vulnerability Description
Qwik是Qwik Dev开源的一款微型Web框架。 Qwik 1.19.0之前版本存在输入验证错误漏洞,该漏洞源于默认请求处理程序中间件存在开放重定向漏洞,可能导致远程攻击者将用户重定向到任意协议相对URL。
CVSS Information
N/A
Vulnerability Type
N/A