CVE-2026-5467

Casdoor OAuth Authorization Request redirect

Description

A vulnerability was identified in Casdoor 2.356.0. Affected by this issue is some unknown functionality of the component OAuth Authorization Request Handler. Such manipulation of the argument redirect_uri leads to open redirect. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Products

Vendor	Product	Versions
—	casdoor	2.356.0

References

https://vuldb.com/vuln/355071(vdb-entry, technical-description)
https://vuldb.com/vuln/355071/cti(signature, permissions-required)
https://vuldb.com/submit/781769(third-party-advisory)

Related News (1 articles)

Tier C

VulDB10h ago

CVE-2026-5467 | Casdoor 2.356.0 OAuth Authorization Request redirect_uri

→ No new info (linked only)

CVSS 3.14.3 NONE

CISA KEV❌ No

Actively exploited❌ No

CWECWE-601

PublishedApr 3, 2026

Last enriched5h ago

Trending Score0

Source articles1

Independent1

Info Completeness0/14

Missing: cve_id, title, description, vendor, product, versions, cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 3, 2026

Discovered by ZDM

Apr 3, 2026