1. DIA Backend API Vulnerability Exposes Users to Open Redirect Phishing Attacks
A critical security flaw in the DIA platform allows attackers to redirect users to arbitrary malicious websites. The vulnerability resides in the `redirectToExternalUrl()` method, which accepts an external URL from the backend API and passes it directly to the browser without any validation, domain allowlisting, or pro...
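The missing control named above, domain allowlisting, sketched as an added example; this is not the platform's code. The helper names, the `navigate` callback and the `example.com` hosts are assumptions made for illustration.

```javascript
'use strict';

// Constructed allowlist; the page does not list the platform's real domains.
const ALLOWED_HOSTS = new Set(['pay.example.com', 'help.example.com']);

// Hypothetical helper: returns the normalized URL if it is safe to open, else null.
function validateExternalUrl(raw, allowedHosts = ALLOWED_HOSTS) {
  if (typeof raw !== 'string' || raw.length === 0 || raw.length > 2048) return null;
  // Control characters and backslashes are rewritten by URL parsers; refuse them outright.
  if (/[\u0000-\u001f\u007f\\]/.test(raw)) return null;
  let url;
  try {
    url = new URL(raw); // no base URL: relative and protocol-relative input throws
  } catch {
    return null;
  }
  if (url.protocol !== 'https:') return null;        // rejects javascript:, data:, http:
  if (url.username !== '' || url.password !== '') return null; // userinfo can disguise the real host
  if (url.port !== '') return null;                  // default HTTPS port only
  if (!allowedHosts.has(url.hostname)) return null;  // exact match, never endsWith/includes
  return url.href;
}

// Hypothetical wrapper: `navigate` is injected (in a browser, u => window.location.assign(u)).
function redirectIfAllowed(raw, navigate, onReject = () => {}) {
  const target = validateExternalUrl(raw);
  if (target === null) {
    onReject(raw); // hook for logging rejected backend values
    return false;
  }
  navigate(target); // navigate to the parsed form, not the raw string
  return true;
}
```

Rejected values are worth logging server-side as well, since a backend that starts returning off-allowlist URLs is itself a signal to investigate.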