flarum/core Security Advisories for v1.8.0 (2)
-
[MEDIUM] Flarum Vulnerable to Session Hijacking via Authoritative Subdomain Cookie Overwrite
PKSA-wm5r-h6h3-m2pf CVE-2025-27794 GHSA-hg9j-64wp-m9px
Affected version: <1.8.10
Reported by:
GitHub -
[MEDIUM] Flarum's logout Route allows open redirects
PKSA-t2c9-4b54-wr9g CVE-2024-21641 GHSA-733r-8xcp-w9mr
Affected version: <1.8.5
Reported by:
GitHub