PT-2025-44443 · Movary · Movary
Published
2025-10-30
·
Updated
2025-12-08
·
CVE-2025-64116
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Movary versions prior to 0.69.0
Description
Movary is a web application used for tracking and exploring movie watch history. Prior to version 0.69.0, the login page accepts a
redirect parameter without proper validation. This allows attackers to redirect authenticated users to arbitrary external websites. The vulnerable parameter is redirect.Recommendations
Update to version 0.69.0 or later.
Exploit
Fix
Open Redirect
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Movary