
CVE-2025-7949: Open Redirect in Sanluan PublicCMS

Severity: Medium
Published: Tue Jul 22 2025 (07/22/2025, 01:32:06 UTC)
Source: CVE Database V5
Vendor/Project: Sanluan
Product: PublicCMS

Description

A vulnerability was found in Sanluan PublicCMS up to 5.202506.a. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file publiccms-parent/publiccms/src/main/resources/templates/admin/cmsDiy/preview.html. The manipulation of the argument url leads to open redirect. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The patch is named c1e79f124e3f4c458315d908ed7dee06f9f12a76/f1af17af004ca9345c6fe4d5936d87d008d26e75. It is recommended to apply a patch to fix this issue.

AI-Powered Analysis

Last updated: 07/22/2025, 02:16:10 UTC

Technical Analysis

CVE-2025-7949 is an open redirect vulnerability in Sanluan PublicCMS versions up to 5.202506.a. It lies in the handling of the 'url' argument in the template file publiccms-parent/publiccms/src/main/resources/templates/admin/cmsDiy/preview.html. An attacker who controls the value of this 'url' parameter can make the CMS redirect a user's browser to an arbitrary external website. The flaw is reachable over the network. Its CVSS 4.0 base score is 5.1, a medium severity. The vector shows a network attack vector (AV:N), low attack complexity (AC:L), low privileges required (PR:L) and passive user interaction required (UI:P); the impact on confidentiality is none (VC:N), on integrity low (VI:L) and on availability none (VA:N). The vulnerability therefore does not affect system confidentiality or availability, but it does affect integrity by sending users to attacker-chosen sites, which can facilitate phishing, malware distribution or social engineering. A patch is referenced by commit hashes c1e79f124e3f4c458315d908ed7dee06f9f12a76 and f1af17af004ca9345c6fe4d5936d87d008d26e75, and applying it is strongly recommended. No exploitation in the wild has been observed so far, but the public disclosure of exploit code increases the risk.

Potential Impact

For European organizations using Sanluan PublicCMS, this vulnerability poses a moderate risk primarily through social engineering and phishing attacks. Attackers can craft URLs that appear to originate from trusted internal CMS domains but redirect users to malicious external sites, potentially leading to credential theft, malware infection, or other fraud. This can undermine user trust in the affected organization's web properties and may lead to reputational damage. While the vulnerability does not directly compromise system confidentiality or availability, the indirect consequences of successful phishing or malware campaigns can be significant. Organizations in sectors with high reliance on web content management systems, such as media, education, government, and e-commerce, are particularly at risk. The requirement for user interaction means that user awareness and training are critical components of risk mitigation. Additionally, the vulnerability could be leveraged as part of a multi-stage attack chain, increasing its potential impact.

Mitigation Recommendations

1. Immediate application of the official patch referenced by the commit hashes to Sanluan PublicCMS is the most effective mitigation.
2. Implement strict input validation and output encoding for URL parameters within the CMS to prevent manipulation of redirect targets.
3. Employ Content Security Policy (CSP) headers to restrict the domains to which users can be redirected.
4. Use web application firewalls (WAFs) to detect and block suspicious redirect patterns or anomalous URL parameters.
5. Conduct user awareness training to educate users about the risks of clicking on unexpected links, especially those that appear to redirect externally.
6. Monitor web server logs for unusual redirect activities or spikes in traffic to unknown external domains.
7. Consider implementing multi-factor authentication (MFA) for CMS administrative access to reduce the risk of further compromise if phishing is successful.
8. Regularly audit and review CMS templates and code for similar vulnerabilities to proactively identify and remediate issues.
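An added Python example (not PublicCMS code) covering the redirect-target validation of item 2 and the log review of item 6: `is_safe_redirect` accepts only site-relative paths or http(s) URLs whose host is on an allowlist, and `find_external_redirects` applies that check to the `url` parameter of constructed access-log lines. The allowed hosts, the request route to the preview template and the log lines are assumptions made for the example.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Hosts the CMS may redirect to. Hypothetical values chosen for this example.
ALLOWED_HOSTS = {"cms.example.org", "www.example.org"}


def is_safe_redirect(url: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """True only if `url` stays on an allowed host or is a site-relative path."""
    if not url:
        return False
    # Browsers normalise backslashes to slashes, so do the same before parsing.
    candidate = url.replace("\\", "/")
    parts = urlsplit(candidate)
    if parts.scheme:
        # Absolute URL: only http(s) and only to an allowed host. `hostname`
        # already strips any userinfo ("user@") and the port.
        return parts.scheme in ("http", "https") and parts.hostname in allowed_hosts
    if candidate.startswith("//"):
        # Protocol-relative URL: the netloc is the real destination.
        return parts.hostname in allowed_hosts
    # Site-relative path: must begin with exactly one "/".
    return candidate.startswith("/")


# Constructed sample access-log lines (Apache combined style, not real traffic).
# The route to the admin preview template is assumed for illustration.
SAMPLE_LOG = """\
10.0.0.5 - - [22/Jul/2025:01:40:01 +0000] "GET /admin/cmsDiy/preview.html?url=%2Fsite%2Findex.html HTTP/1.1" 302 0
10.0.0.7 - - [22/Jul/2025:01:41:15 +0000] "GET /admin/cmsDiy/preview.html?url=https%3A%2F%2Fcms.example.org%2Fhome HTTP/1.1" 302 0
203.0.113.9 - - [22/Jul/2025:01:42:30 +0000] "GET /admin/cmsDiy/preview.html?url=%2F%2Fattacker.example%2Flogin HTTP/1.1" 302 0
"""

REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/')


def find_external_redirects(log_text: str, path_suffix: str = "/cmsDiy/preview.html"):
    """Return (client_ip, url_value) for preview requests whose target is off-site."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        req = urlsplit(m.group(1))
        if not req.path.endswith(path_suffix):
            continue
        # parse_qs percent-decodes, so the check sees what the server would see.
        for target in parse_qs(req.query).get("url", []):
            if not is_safe_redirect(target):
                hits.append((line.split(" ", 1)[0], target))
    return hits
```

Note that CSP headers do not constrain the destination of a server-side HTTP 3xx redirect, so the allowlist check is what actually enforces the target.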


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-07-21T09:23:13.038Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 687ef0e1a83201eaac16c9d9

Added to database: 7/22/2025, 2:01:05 AM

Last enriched: 7/22/2025, 2:16:10 AM

Last updated: 7/22/2025, 2:16:10 AM

