Description

KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. Attackers can craft malicious URLs in the link parameter to redirect users to arbitrary external websites after authentication.

PUBLISHED Reserved 2025-04-15 | Published 2025-12-11 | Updated 2025-12-16 | Assigner VulnCheck




MEDIUM: 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

Product status

Default status: unaffected

4.52: affected

Credits

Rahad Chowdhury (finder)

References

www.exploit-db.com/exploits/52245 (ExploitDB-52245) exploit

kodcloud.com/ (KodExplorer Homepage) product

github.com/kalcaddle/KodExplorer/releases/tag/4.52 (KodExplorer Release Page) product

www.vulncheck.com/...t-vulnerability-via-user-login-endpoint (VulnCheck Advisory: KodExplorer 4.52 Open Redirect Vulnerability via User Login Endpoint) third-party-advisory

cve.org (CVE-2025-34504)

nvd.nist.gov (CVE-2025-34504)

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.