CVE 5.1 MEDIUM

zlt2000 microservices-platform OauthLogoutSuccessHandler.java onLogoutSuccess redirect_CVE-2025-8737

August 8, 2025 invoker category_cve

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability, which was classified as problematic, was found in zlt2000 microservices-platform up to 6.0.0. This affects the function onLogoutSuccess of the file src/main/java/com/central/oauth/handler/OauthLogoutSuccessHandler.java. The manipulation of the argument redirect_url leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

AI Analysis

An open redirect vulnerability in the onLogoutSuccess function of zlt2000 microservices-platform allows attackers to redirect users to malicious sites. This is remotely exploitable and has been publicly disclosed.

Basic Information

ID CVE-2025-8737

Source VulDB

Published Aug 8, 2025 at 19:32

Modified Aug 8, 2025 at 19:49

Affected Product

Vendor zlt2000

Product microservices-platform

Version 6.0

Affected Versions zlt2000 microservices-platform 6.0

CWE Classification

CWE-601

AI Assessment

AI Severity Medium

Vendor zlt2000

Product microservices-platform

Version 6.0

References

{
    "lastseen": "",
    "description": "A vulnerability, which was classified as problematic, was found in zlt2000 microservices-platform up to 6.0.0. This affects the function onLogoutSuccess of the file src/main/java/com/central/oauth/handler/OauthLogoutSuccessHandler.java. The manipulation of the argument redirect_url leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2025-08-08T19:32:05.170Z",
    "modified": "2025-08-08T19:49:33.165Z",
    "type": "cve",
    "title": "zlt2000 microservices-platform OauthLogoutSuccessHandler.java onLogoutSuccess redirect",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.319233\nhttps://vuldb.com/?ctiid.319233\nhttps://vuldb.com/?submit.623477\nhttps://github.com/zlt2000/microservices-platform/issues/78\nhttps://github.com/zlt2000/microservices-platform/issues/78#issue-3264847333",
    "id": "CVE-2025-8737",
    "bulletinFamily": "",
    "cwe": [
        "CWE-601"
    ],
    "cvelist": null,
    "sourceData": "zlt2000 microservices-platform 6.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "microservices-platform",
    "version": "6.0",
    "vendor": "zlt2000",
    "ai_description": "An open redirect vulnerability in the onLogoutSuccess function of zlt2000 microservices-platform allows attackers to redirect users to malicious sites. This is remotely exploitable and has been publicly disclosed.",
    "ai_severity": "Medium",
    "ai_vendor": "zlt2000",
    "ai_product": "microservices-platform",
    "ai_version": "6.0",
    "ai_score": 0
}

💭 Join the Security Discussion ❌ Cancel Reply