CVE-2025-8737
zlt2000 microservices-platform OauthLogoutSuccessHandler.java onLogoutSuccess redirect
We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
zlt2000 microservices-platform OauthLogoutSuccessHandler.java onLogoutSuccess redirect
A vulnerability, which was classified as problematic, was found in zlt2000 microservices-platform up to 6.0.0. This affects the function onLogoutSuccess of the file src/main/java/com/central/oauth/handler/OauthLogoutSuccessHandler.java. The manipulation of the argument redirect_url leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Es wurde eine problematische Schwachstelle in zlt2000 microservices-platform bis 6.0.0 gefunden. Dabei betrifft es die Funktion onLogoutSuccess der Datei src/main/java/com/central/oauth/handler/OauthLogoutSuccessHandler.java. Mit der Manipulation des Arguments redirect_url mit unbekannten Daten kann eine open redirect-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
| 2025-08-08: | Advisory disclosed |
| 2025-08-08: | VulDB entry created |
| 2025-08-08: | VulDB entry last update |
ZAST.AI (VulDB User)
vuldb.com/?id.319233 (VDB-319233 | zlt2000 microservices-platform OauthLogoutSuccessHandler.java onLogoutSuccess redirect)
vuldb.com/?ctiid.319233 (VDB-319233 | CTI Indicators (IOB, IOC, TTP, IOA))
vuldb.com/?submit.623477 (Submit #623477 | zlt2000 https://github.com/zlt2000/microservices-platform <=6.0.0 Open Redirect)
github.com/zlt2000/microservices-platform/issues/78
github.com/zlt2000/microservices-platform/issues/78
Support options
