Medium severity4.3NVD Advisory· Published Apr 3, 2026· Updated Apr 29, 2026
CVE-2026-5467
CVE-2026-5467
Description
A vulnerability was identified in Casdoor 2.356.0. Affected by this issue is some unknown functionality of the component OAuth Authorization Request Handler. Such manipulation of the argument redirect_uri leads to open redirect. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/casdoor/casdoorGo | <= 1.1000.0 | — |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- github.com/advisories/GHSA-mj24-pqx2-6788ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2026-5467ghsaADVISORY
- vuldb.com/submit/781769nvdThird Party AdvisoryVDB EntryWEB
- vuldb.com/vuln/355071nvdThird Party AdvisoryVDB EntryWEB
- vuldb.com/vuln/355071/ctinvdPermissions RequiredVDB EntryWEB
News mentions
0No linked articles in our index yet.