CVE-2025-12140 | THREATINT

Description

The application contains an insecure 'redirectToUrl' mechanism that incorrectly processes the value of the 'redirectUrlParameter' parameter. The application interprets the entered string of characters as a Java expression, allowing an unauthenticated attacer to perform arbitrary code execution. This issue was fixed in version wu#2016.1.5513#0#20251014_113353

PUBLISHED Reserved 2025-10-24 | Published 2025-11-27 | Updated 2025-11-27 | Assigner CERT-PL

CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')

Product status

Default status

unaffected

Any version before wu#2016.1.5513#0#20251014_113353

affected

Credits

Marcin Ressel finder

References

cert.pl/posts/2025/11/CVE-2025-12140/

cve.org (CVE-2025-12140)

nvd.nist.gov (CVE-2025-12140)

Download JSON