CVE-2025-7863

A vulnerability was found in thinkgem JeeSite up to 5.12.0 and classified as problematic. Affected by this issue is the function redirectUrl of the file src/main/java/com/jeesite/common/web/http/ServletUtils.java. The manipulation of the argument url leads to open redirect. The attack may be launched remotely. The name of the patch is 3d06b8d009d0267f0255acc87ea19d29d07cedc3. It is recommended to apply a patch to fix this issue.

CVSS

No CVSS.

References

Link	Resource
https://github.com/thinkgem/jeesite5/commit/3d06b8d009d0267f0255acc87ea19d29d07cedc3
https://github.com/thinkgem/jeesite5/issues/30
https://github.com/thinkgem/jeesite5/issues/30
https://github.com/thinkgem/jeesite5/issues/30#issuecomment-3045861920
https://github.com/thinkgem/jeesite5/issues/30#issuecomment-3045861920
https://vuldb.com/?ctiid.316976
https://vuldb.com/?id.316976
https://vuldb.com/?submit.618188

Configurations

No configuration.

History

22 Jul 2025, 15:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~3.5~~	v2 : unknown v3 : unknown
CWE	~~CWE-601~~

20 Jul 2025, 03:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-20 03:15

Updated : 2025-07-22 15:15

NVD link : CVE-2025-7863

Mitre link : CVE-2025-7863

JSON object : View

Products Affected

No product.

CWE

No CWE.

JSON object

Attach tags to CVE-2025-7863

Attach tags to `CVE-2025-7863`