CVE-2025-64116 – Movary vulnerable to an open redirect

CVE ID : CVE-2025-64116

Published : Oct. 30, 2025, 6:15 p.m. | 1 hour, 11 minutes ago

Description : Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect parameter without validation, allowing attackers to redirect authenticated users to arbitrary external sites. This vulnerability is fixed in 0.69.0.

Severity: 5.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…