Description

An unvalidated redirect was contained in Venueless' social login functionality and could be exploited for phishing using trusted domains.

Severity (CVSS)

Base score5.1
SeverityMedium
VersionCVSS 4.0
VectorCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
Provided byCNA

Weaknesses

  • CWE-601 — CWE-601 URL redirection to untrusted site ('open redirect')

Affected products

VendorProductVersions
pretixVenueless0.0.0 to <d27864a7

References

Authoritative sources

This page is a snapshot. For the latest enrichment and updates, view the record on CVE.org or the NVD.

Generated from the official CVE List on 22 Jun 2026 14:43 UTC.