CVE-2025-7863: Open Redirect in thinkgem JeeSite
A vulnerability was found in thinkgem JeeSite up to 5.12.0 and classified as problematic. Affected by this issue is the function redirectUrl of the file src/main/java/com/jeesite/common/web/http/ServletUtils.java. The manipulation of the argument url leads to open redirect. The attack may be launched remotely. The name of the patch is 3d06b8d009d0267f0255acc87ea19d29d07cedc3. It is recommended to apply a patch to fix this issue.
CVE-2025-7863: Open Redirect in thinkgem JeeSite
Description
A vulnerability was found in thinkgem JeeSite up to 5.12.0 and classified as problematic. Affected by this issue is the function redirectUrl of the file src/main/java/com/jeesite/common/web/http/ServletUtils.java. The manipulation of the argument url leads to open redirect. The attack may be launched remotely. The name of the patch is 3d06b8d009d0267f0255acc87ea19d29d07cedc3. It is recommended to apply a patch to fix this issue.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-07-19T04:17:02.842Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 687c5870a83201eaac007e4c
Added to database: 7/20/2025, 2:46:08 AM
Last updated: 7/20/2025, 2:46:08 AM
Views: 1
Related Threats
CVE-2025-7864: Unrestricted Upload in thinkgem JeeSite
MediumCVE-2025-7862: Missing Authentication in TOTOLINK T6
MediumCVE-2025-54314: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in rubyonrails Thor
LowCVE-2025-7861: SQL Injection in code-projects Church Donation System
MediumCVE-2025-53770: CWE-502: Deserialization of Untrusted Data in Microsoft Microsoft SharePoint Enterprise Server 2016
CriticalActions
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.