Description
KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. Attackers can craft malicious URLs in the link parameter to redirect users to arbitrary external websites after authentication.
References
- Release Notes
- Product
- Exploit, Third Party Advisory, VDB Entry
- https://www.vulncheck.com/advisories/kodexplorer-open-redirect-vulnerability-via-user-login-endpoint (Third Party Advisory)
Vulnerable configurations
Configuration 1
cpe:2.3:a:kodcloud:kodexplorer:4.52:*:*:*:*:*:*:*
EPSS
Percentile: 53%
0.00303
Low
6.1 Medium
CVSS3
Weaknesses
CWE-601
Related vulnerabilities
CVSS3: 6.1
github
about 2 months ago
KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. Attackers can craft malicious URLs in the link parameter to redirect users to arbitrary external websites after authentication.