CVE-2025-11222
BaseFortify

Publication date: 2025-12-04

Last updated on: 2025-12-04

Assigner: LINE Corporation

Description
Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft.
Meta Information
Published: 2025-12-04
Last Modified: 2025-12-04
Generated: 2026-06-16
AI Q&A: 2025-12-10
EPSS Evaluated: 2026-06-15
External references: NVD, EUVD
Affected Vendors & Products (1 associated CPE)
Vendor: linecorp
Product: centraldogma
Version / Range: *
Exploitability
CWE ID: CWE-601
Description: The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
AI Quick Actions
Compliance Impact

The provided resources do not specify how this open redirect vulnerability in Central Dogma affects compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

This vulnerability is an Open Redirect issue in Central Dogma versions before 0.78.0. It occurs in the login function where attackers can craft malicious URLs that redirect users to untrusted, potentially phishing, websites. This happens because the application improperly uses user-controlled input to specify external redirect links, allowing attackers to trick users into visiting fake login pages and potentially stealing their credentials. [1]

Impact Analysis

If exploited, this vulnerability can lead to users being redirected to phishing sites that impersonate the legitimate Central Dogma login page. This can result in user account compromise and unauthorized access to the Central Dogma instance. The impact includes limited data exposure and limited data modification, but no impact on availability. [1]

Detection Guidance

This vulnerability can be detected by testing the login function of Central Dogma for open redirect behavior: request the login endpoint with a redirect parameter pointing at an external, untrusted site and observe whether the server redirects there. For example, using curl or a browser, send a request such as:

curl -v 'https://your-centraldogma-instance/login?redirect=https://malicious-site.com'

and check whether the response redirects (a 3xx status whose Location header points to the external URL). If it does, the system is vulnerable. [1]

Mitigation Strategies

The immediate mitigation step is to upgrade Central Dogma to version 0.78.0 or later, where the vulnerability is patched. As a workaround, if upgrading is not immediately possible, server operators can implement a custom AuthProvider to override the webLoginService() method to prevent the open redirect behavior. [1]
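The server-side check that closes CWE-601 (only ever redirect to a path on your own host), together with the detection-side test the guidance above describes (a 3xx whose Location leaves the instance), as an added Python example. This is not Central Dogma's code and does not use the project's AuthProvider or webLoginService() API; the instance host centraldogma.example, the parameter name redirect and the sample targets are constructed for illustration.

```python
from typing import Optional
from urllib.parse import urlsplit

# Schemes we accept for an absolute same-host target. Operators who serve the
# instance over HTTPS only can narrow this to {"https"}.
ALLOWED_SCHEMES = {"http", "https"}


def is_safe_redirect_target(target: str, expected_host: str) -> bool:
    """Return True only if `target` is a path on `expected_host`.

    This is the allow-list check a login handler should apply to a
    user-supplied redirect parameter before issuing the redirect. Anything
    that is not provably same-host is rejected, so phishing-style targets
    such as https://malicious-site.com never reach the Location header.
    """
    if not target:
        return False
    # Whitespace and control characters are stripped or re-interpreted by
    # some parsers; refuse them rather than guess how a browser would see them.
    if any(ch.isspace() or ord(ch) < 0x20 for ch in target):
        return False
    # Browsers treat a backslash as a slash, so "/\evil.example" becomes a
    # protocol-relative URL to evil.example. Reject it outright.
    if "\\" in target:
        return False

    parts = urlsplit(target)
    if parts.scheme or parts.netloc:
        # Absolute ("https://host/...") or protocol-relative ("//host/...").
        # Only an exact match on our own host with an allowed scheme passes;
        # userinfo tricks ("https://ourhost@evil.example") fail because the
        # whole netloc is compared, and "javascript:" fails on the scheme.
        return (parts.scheme in ALLOWED_SCHEMES
                and parts.netloc.lower() == expected_host.lower())

    # No scheme, no host: must be an ordinary absolute path on this origin.
    # A single leading slash is required; "//" would be protocol-relative.
    return target.startswith("/") and not target.startswith("//")


def flags_open_redirect(status: int, location: Optional[str],
                        instance_host: str) -> bool:
    """Detection-side check over an observed response.

    Mirrors the curl test in the detection guidance: the symptom of the
    vulnerability is a 3xx response whose Location header resolves outside
    the instance host. Same-host or relative Locations are normal login
    behavior and are not flagged.
    """
    if location is None or not 300 <= status < 400:
        return False
    return not is_safe_redirect_target(location, instance_host)


# Constructed sample redirect targets as a login handler might receive them.
SAMPLE_TARGETS = [
    "/dashboard",
    "https://centraldogma.example/projects/foo",
    "https://malicious-site.com",
    "//malicious-site.com",
    "/\\malicious-site.com",
    "https://centraldogma.example@malicious-site.com/",
    "javascript:alert(1)",
]


def classify_samples(expected_host: str = "centraldogma.example") -> dict:
    """Return {target: allowed?} for the constructed samples."""
    return {t: is_safe_redirect_target(t, expected_host) for t in SAMPLE_TARGETS}


if __name__ == "__main__":
    for target, ok in classify_samples().items():
        print(f"{'ALLOW ' if ok else 'REJECT'} {target!r}")
    # Constructed observation of a vulnerable instance's response.
    print("open redirect observed:",
          flags_open_redirect(302, "https://malicious-site.com",
                              "centraldogma.example"))
```

The validator compares the whole netloc, so a target carrying a port (centraldogma.example:443) or a userinfo component is rejected even when the hostname matches; that strictness is intentional, and the only safe way to loosen it is to add the exact host:port string you serve on to the comparison rather than to match on a prefix or suffix.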
