A vulnerability was found in immich-app immich up to . It has been classified as problematic . Affected by this issue is the function redirect of the file /auth/login of the component Query Parameter Handler . Performing a manipulation results in cross site scripting. This vulnerability is reported as CVE-2026-53662 . The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.