⚠️ Pracivo Security Lab — Open redirect in login, email header injection in contact, username enumeration in reset.
MailHub Vulnerabilities
- /login?next= — Open Redirect: redirect to any URL after login
- /contact — Email Header Injection: inject CC/BCC via form fields
- /reset — Username Enumeration: different messages reveal valid usernames
- /headers — Info Disclosure: sensitive data in response headers