[MEDIUM] Sylius has an Open Redirect via Referer Header

PKSA-6vgh-6nsj-96p4 CVE-2026-31819 GHSA-9ffx-f77r-756w

Affected package: sylius/sylius

Affected version: >=2.2.0,<=2.2.2|>=2.1.0,<=2.1.11|>=2.0.0,<=2.0.15|>=1.14.0,<=1.14.17|>=1.13.0,<=1.13.14|>=1.12.0,<=1.12.22|>=1.11.0,<=1.11.16|>=1.10.0,<=1.10.15|<=1.9.11

Reported by:
GitHub