logo_clicknbuy.png

CVE-2025-7785 – JeeSite Open Redirect Vulnerability

The following table lists the changes that have been made to the
CVE-2025-7785 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by [email protected]

    Jul. 18, 2025

    Action Type Old Value New Value
    Added Description A vulnerability classified as problematic was found in thinkgem JeeSite up to 5.12.0. This vulnerability affects the function sso of the file src/main/java/com/jeesite/modules/sys/web/SsoController.java. The manipulation of the argument redirect leads to open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 3d06b8d009d0267f0255acc87ea19d29d07cedc3. It is recommended to apply a patch to fix this issue.
    Added CVSS V4.0 AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
    Added CVSS V3.1 AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
    Added CVSS V2 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
    Added CWE CWE-601
    Added Reference https://github.com/thinkgem/jeesite5/commit/3d06b8d009d0267f0255acc87ea19d29d07cedc3
    Added Reference https://github.com/thinkgem/jeesite5/issues/29
    Added Reference https://github.com/thinkgem/jeesite5/issues/29#issue-3209433725
    Added Reference https://github.com/thinkgem/jeesite5/issues/29#issuecomment-3045862084
    Added Reference https://vuldb.com/?ctiid.316846
    Added Reference https://vuldb.com/?id.316846
    Added Reference https://vuldb.com/?submit.616104
Share the Post:

Related Posts