CVE-2025-59426 | lobehub lobe-chat up to 1.130.0 Header X-Forwarded-Host/X-Forwarded-Proto redirect (GHSA-xph5-278p-26qx)

A vulnerability has been found in lobehub lobe-chat up to 1.130.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Header Handler. The manipulation of the argument X-Forwarded-Host/X-Forwarded-Proto leads to open redirect.

This vulnerability is listed as CVE-2025-59426. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More