| Title | TOTVS Portal Meu RH 12.1.17 Open Redirect combined with phishing in password reset |
|---|---|
| Description | An Open Redirect vulnerability in the password recovery flow of the TOTVS Meu RH Portal platform allows attackers to manipulate the redirectUrl parameter, causing the application to send legitimate emails that redirect users to malicious external domains, enabling highly convincing phishing attacks. |
| Source | ⚠️ https://drive.google.com/file/d/1iorjSJ8gh3hTDZUy1fHyV-TJXFP43yIo/view?usp=sharing |
| User | Trenshyiavv (UID 86876) |
| Submission | 2025-08-17 04:54 AM (10 months ago) |
| Moderation | 2025-08-19 07:14 PM (3 days later) |
| Status | Accepted |
| VulDB entry | 320579 [TOTVS Portal Meu RH up to 12.1.17 Password Reset redirectUrl Redirect] |
| Points | 17 |