CVE-2025-50736
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-30
Last updated on: 2025-12-01
Assigner: MITRE
Description
Description
An open redirect vulnerability exists in Byaidu PDFMathTranslate v1.9.9 that allows attackers to craft URLs that cause the application to redirect users to arbitrary external websites via the file parameter to the /gradio_api endpoint. This vulnerability could be exploited for phishing attacks or to bypass security filters.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| byaidu | pdfmathtranslate | 1.9.9 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an open redirect in Byaidu PDFMathTranslate v1.9.9. It allows attackers to create specially crafted URLs that cause the application to redirect users to arbitrary external websites through the file parameter in the /gradio_api endpoint.
How can this vulnerability impact me? :
The vulnerability can be exploited for phishing attacks by redirecting users to malicious websites, and it can also be used to bypass security filters, potentially leading to further security risks.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70