CVE-2025-8737
BaseFortify
Publication date: 2025-08-08
Last updated on: 2026-04-29
Assigner: VulDB
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zlt2000 | microservices-platform | 6.0.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an open redirect issue found in the zlt2000 microservices-platform up to version 6.0.0. It occurs in the onLogoutSuccess function of the OauthLogoutSuccessHandler.java file, where the redirect_url argument can be manipulated. This allows an attacker to redirect users to a malicious site after logout, potentially leading to phishing or other attacks. The vulnerability can be exploited remotely and has been publicly disclosed.
How can this vulnerability impact me?
The vulnerability can impact you by allowing attackers to redirect users to malicious websites after logout, which can be used for phishing attacks or to trick users into providing sensitive information. This can lead to compromised user trust, potential credential theft, and other security risks.
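The usual mitigation for CWE-601 in a logout handler is to validate redirect_url before redirecting. The following is an added example, not code from microservices-platform or from this advisory; the class name, the allow-listed hosts and the fallback path are assumptions chosen for illustration.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import java.util.Set;

// Added illustration; not code from microservices-platform.
public final class LogoutRedirectValidator {
    // Assumption: hosts this deployment trusts after logout (constructed values).
    private static final Set<String> ALLOWED_HOSTS = Set.of("app.example.com", "sso.example.com");
    // Assumption: fixed local page used whenever the supplied target is rejected.
    private static final String FALLBACK = "/login";

    /** Returns redirectUrl if it is a local path or an allow-listed https URL, else FALLBACK. */
    public static String safeTarget(String redirectUrl) {
        if (redirectUrl == null || redirectUrl.isEmpty()) return FALLBACK;
        // Backslashes and control characters are normalised by browsers in ways URI does not model.
        for (char c : redirectUrl.toCharArray()) {
            if (c == '\\' || c < 0x20 || c == 0x7f) return FALLBACK;
        }
        URI uri;
        try {
            uri = new URI(redirectUrl);
        } catch (URISyntaxException e) {
            return FALLBACK;
        }
        if (!uri.isAbsolute()) {
            // Relative target: accept only "/path"; "//host" is scheme-relative and leaves the site.
            boolean local = redirectUrl.startsWith("/") && !redirectUrl.startsWith("//");
            return local ? redirectUrl : FALLBACK;
        }
        String host = uri.getHost();
        if (!"https".equalsIgnoreCase(uri.getScheme()) || host == null || uri.getRawUserInfo() != null) {
            return FALLBACK;
        }
        // Exact host match: suffix or substring checks would accept app.example.com.evil.example.
        return ALLOWED_HOSTS.contains(host.toLowerCase(Locale.ROOT)) ? redirectUrl : FALLBACK;
    }

    public static void main(String[] args) {
        String[] samples = { // constructed inputs
            "/dashboard", "https://app.example.com/home", "//evil.example/",
            "https://evil.example/", "https://app.example.com@evil.example/",
            "https://app.example.com.evil.example/", "javascript:void(0)", "/\\evil.example"
        };
        for (String s : samples) {
            System.out.println(s + " -> " + safeTarget(s));
        }
    }
}
```

In a servlet-based logout handler, the value passed to `HttpServletResponse.sendRedirect` would be the result of `safeTarget(...)` rather than the raw request parameter.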