Home

Description

An open redirect vulnerability exists in Byaidu PDFMathTranslate v1.9.9 that allows attackers to craft URLs that cause the application to redirect users to arbitrary external websites via the file parameter to the /gradio_api endpoint. This vulnerability could be exploited for phishing attacks or to bypass security filters.

PUBLISHED Reserved 2025-06-16 | Published 2025-10-30 | Updated 2025-10-30 | Assigner mitre

References

pdf2zh.com/

github.com/...ulnerability-Research/tree/main/CVE-2025-50736

cve.org (CVE-2025-50736)

nvd.nist.gov (CVE-2025-50736)

Download JSON