CVE POC Report - Open Redirect

Vendor: Kaleidos Open Source
GitHub: https://github.com/taigaio
Website: https://taiga.io/
Version: 6.8.1

Description: Open Redirect vulnerability in Taiga Version 6.8.1 allows attackers to redirect users to arbitrary websites via appending a crafted link to in the login page URL. By sending crafted links (URLs) to victims, attackers can steal their credentials and perform phishing attacks.

Proof-of-Concept (PoC) Flow:
1. An attacker sends a crafted Taiga login page link to the victim, which redirects to a malicious website ( ).
2. The victim authenticates to the system using the attacker's crafted link and is redirected to a malicious website controlled by the attacker.
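
A defensive check for this class of bug, as an added example that is not Taiga's code: it accepts only site-relative paths as a post-login redirect target and falls back to the home page otherwise. The origin, the parameter name return_to and the function names are constructed for illustration.

```javascript
// Added example (not Taiga's code): validate the post-login redirect target.
// APP_ORIGIN, FALLBACK and the "return_to" parameter name are constructed values.
const APP_ORIGIN = "https://taiga.example.test";
const FALLBACK = "/";

// Returns a same-origin path (path + query + fragment) or the fallback.
function safeRedirectTarget(raw, appOrigin = APP_ORIGIN, fallback = FALLBACK) {
  if (typeof raw !== "string" || raw.length === 0) return fallback;
  // URL parsers drop tabs/newlines and treat "\" like "/" for http(s) URLs,
  // so "/\host" or "/<TAB>/host" can end up parsed as "//host". Reject both.
  if (/[\u0000-\u001f\u007f\\]/.test(raw)) return fallback;
  // Accept only site-relative paths: exactly one leading slash.
  // This excludes absolute URLs, "javascript:" and protocol-relative "//host".
  if (!raw.startsWith("/") || raw.startsWith("//")) return fallback;
  let resolved;
  try {
    resolved = new URL(raw, appOrigin);
  } catch (_) {
    return fallback;
  }
  // Defence in depth: the origin must be unchanged after resolution.
  if (resolved.origin !== new URL(appOrigin).origin) return fallback;
  return resolved.pathname + resolved.search + resolved.hash;
}

// Extracts the redirect parameter from a login URL and validates it.
// searchParams.get() percent-decodes the value, so encoded forms such as
// "%2F%2Fhost" are checked in their decoded form.
function postLoginTarget(loginUrl, paramName, appOrigin = APP_ORIGIN) {
  const u = new URL(loginUrl, appOrigin);
  return safeRedirectTarget(u.searchParams.get(paramName), appOrigin);
}
```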