CVE-2025-7763
BaseFortify
Publication date: 2025-07-17
Last updated on: 2026-04-29
Assigner: VulDB
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| jeesite | jeesite | to 5.12.1 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an open redirect issue found in the thinkgem JeeSite software up to version 5.12.0, specifically in an unknown function of the Site Controller/SSO component. An attacker can manipulate the system to redirect users to malicious sites. The vulnerability can be exploited remotely and affects multiple endpoints.
How can this vulnerability impact me?
The vulnerability can be exploited to redirect users to malicious websites, potentially leading to phishing attacks or other malicious activities. This can harm users by exposing them to scams or malware and damage the reputation of the affected site.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch identified as 3d06b8d009d0267f0255acc87ea19d29d07cedc3 to fix the vulnerability. It is recommended to update thinkgem JeeSite to a version later than 5.12.0 where this issue is resolved.