Medium severity4.7NVD Advisory· Published Apr 2, 2026· Updated Apr 15, 2026
CVE-2026-34847
CVE-2026-34847
Description
hoppscotch is an open source API development ecosystem. Prior to version 2026.3.0, the /enter page contains a DOM-based open redirect vulnerability. The redirect query parameter is directly used to construct a URL and redirect the user without proper validation. This issue has been patched in version 2026.3.0.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- github.com/hoppscotch/hoppscotch/security/advisories/GHSA-27pm-c9ch-746qnvdExploitVendor Advisory
- github.com/hoppscotch/hoppscotch/releases/tag/2026.3.0nvdRelease Notes
News mentions
0No linked articles in our index yet.