Unrated severityNVD Advisory· Published Oct 30, 2025· Updated Oct 31, 2025
Movary vulnerable to an open redirect
CVE-2025-64116
Description
Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect parameter without validation, allowing attackers to redirect authenticated users to arbitrary external sites. This vulnerability is fixed in 0.69.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- github.com/leepeuker/movary/commit/716f703b4464ffdb0365c406f3660d275495769fmitrex_refsource_MISC
- github.com/leepeuker/movary/pull/713mitrex_refsource_MISC
- github.com/leepeuker/movary/security/advisories/GHSA-7q72-x26x-7f8gmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.