The vulnerability identified as CVE-2025-28896 affects Akshar Soft Solutions AS English Admin up to version 1.0.0. It is an Open Redirect flaw where the application improperly handles URL redirection, allowing attackers to redirect users to untrusted sites. This can be leveraged for phishing attacks by misleading users into visiting malicious websites. The CVSS 3.1 base score is 4.7, reflecting a network attack vector with low attack complexity, no privileges required, user interaction needed, scope changed, and limited confidentiality impact. No patch or official remediation guidance is currently provided.

Successful exploitation can lead to users being redirected to malicious external websites, increasing the risk of phishing attacks. The vulnerability does not directly compromise confidentiality, integrity, or availability of the affected system but can be used as part of social engineering attacks to deceive users.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, users and administrators should be cautious with URLs from the affected application and consider implementing additional controls such as URL validation or user education to mitigate phishing risks.