Naivekun

**Name of the Vulnerable Software and Affected Versions** OPNsense versions through 20.1.5 **Description** An open redirect issue was discovered. The redirect parameter `url` in the login page was not filtered and can redirect a user to any website. **Recommendations** For OPNsense versions through 20.1.5, update to a version later than 20.1.5 to resolve the issue. As a temporary workaround, consider restricting access to the login page or filtering the `url` parameter to minimize the risk of exploitation.