| عنوان | TOTVS Portal Meu RH 12.1.17 Open Redirect combined with phishing in password reset |
|---|
| الوصف | An Open Redirect vulnerability in the password recovery flow of the TOTVS Meu RH Portal platform allows attackers to manipulate the redirectUrl parameter, causing the application to send legitimate emails that redirect users to malicious external domains, enabling highly convincing phishing attacks. |
|---|
| المصدر | ⚠️ https://drive.google.com/file/d/1iorjSJ8gh3hTDZUy1fHyV-TJXFP43yIo/view?usp=sharing |
|---|
| المستخدم | Trenshyiavv (UID 86876) |
|---|
| ارسال | 17/08/2025 04:54 AM (10 أشهر منذ) |
|---|
| الاعتدال | 19/08/2025 07:14 PM (3 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 320579 [TOTVS Portal Meu RH حتى 12.1.17 Password Reset redirectUrl Redirect] |
|---|
| النقاط | 17 |
|---|