logo_clicknbuy.png

CVE-2025-7763 – Open Redirect Vulnerability in thinkgem JeeSite Site Controller/SSO

The following table lists the changes that have been made to the
CVE-2025-7763 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by [email protected]

    Jul. 17, 2025

    Action Type Old Value New Value
    Added Description A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is an unknown function of the component Site Controller/SSO. The manipulation leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 3d06b8d009d0267f0255acc87ea19d29d07cedc3. It is recommended to apply a patch to fix this issue. Multiple endpoints are affected.
    Added CVSS V4.0 AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
    Added CVSS V3.1 AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
    Added CVSS V2 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
    Added CWE CWE-601
    Added Reference https://github.com/thinkgem/jeesite5/commit/3d06b8d009d0267f0255acc87ea19d29d07cedc3
    Added Reference https://github.com/thinkgem/jeesite5/issues/28
    Added Reference https://github.com/thinkgem/jeesite5/issues/28#issuecomment-3045862239
    Added Reference https://github.com/thinkgem/jeesite5/issues/29
    Added Reference https://vuldb.com/?ctiid.316758
    Added Reference https://vuldb.com/?id.316758
    Added Reference https://vuldb.com/?submit.616103
    Added Reference https://vuldb.com/?submit.616104
Share the Post:

Related Posts