A vulnerability marked as problematic has been reported in Umbraco CMS up to 13.13.x/17.3.x . This affects an unknown function of the component Query Parameter Handler . This manipulation of the argument RedirectUrl causes open redirect. This vulnerability appears as CVE-2026-46616 . The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.