CVE-2025-62379 | reflex up to 0.8.14 Environment Variable /auth-codespace redirect_to (GHSA-rfh5-c9h5-q8jm)

A vulnerability, which was classified as problematic, has been found in reflex up to 0.8.14. Impacted is an unknown function of the file /auth-codespace of the component Environment Variable Handler. Performing manipulation of the argument redirect_to results in open redirect.

This vulnerability is reported as CVE-2025-62379. The attack is possible to be carried out remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More