6.1
CVE-2025-34504
- EPSS 0.28%
- Published 11.12.2025 21:43:45
- Last modified 15.12.2025 18:21:05
- Source disclosure@vulncheck.com
KodExplorer 4.52 Open Redirect Vulnerability via User Login Endpoint
KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. Attackers can craft malicious URLs in the link parameter to redirect users to arbitrary external websites after authentication.
Data provided by the National Vulnerability Database (NVD)
Kodcloud ≫ Kodexplorer Version 4.52
VulnDex Vulnerability Enrichment
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.28% | 0.193 |
| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.1 | 2.8 | 2.7 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| disclosure@vulncheck.com | 5.3 | 0 | 0 | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
https://www.exploit-db.com/exploits/52245
https://kodcloud.com/
https://github.com/kalcaddle/KodExplorer/releases/tag/4.52
https://www.vulncheck.com/advisories/kodexplorer-open-redirect-vulnerability-via-user-login-endpoint