漏洞关键信息 Title: CloudPanel CloudPanel Community Edition 2.5.1 URL Redirection to Untrusted Site ('Open Redirect') Description: CloudPanel Community Edition (CE) before v2.5.2 contains an open redirect vulnerability in the "/admin/users" endpoint due to improper validation of the Referer HTTP header, allowing an attacker to supply a crafted external URL that triggers a 302 redirect to an arbitrary domain, which can be leveraged for phishing attacks by redirecting users from a legitimate CloudPanel page to a malicious website. Source:  User: alexperrakis (UID 85369) Submission: 12/28/2025 09:41 PM (6 days ago) Moderation: 12/29/2025 09:10 AM (11 hours later) Status: Accepted VulDB entry:  [CloudPanel Community Edition up to 2.5.1 HTTP Header /admin/users Referer redirect] Points: 19