Dhina016

**Name of the Vulnerable Software and Affected Versions** CodeCanyon RISE Rise Ultimate Project Manager version 3.5.3 **Description** A problematic vulnerability was found in the CodeCanyon RISE Rise Ultimate Project Manager, affecting the file /index.php/signin. The manipulation of the `redirect` argument with the input http://evil.com leads to an open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For CodeCanyon RISE Rise Ultimate Project Manager version 3.5.3, consider disabling the `/index.php/signin` endpoint or restricting the use of the `redirect` argument until a patch is available. As a temporary workaround, avoid using the `redirect` argument in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.