Plane Vulnerable to Cross-Site Scripting via Open Redirect in ?next

8.1 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Description

Plane is open-source project management software. Prior to version 1.1.0, an open redirect vulnerability in the ?next_path query parameter allows attackers to supply arbitrary schemes (e.g., javascript:) that are passed directly to router.push. This results in a cross-site scripting (XSS) vulnerability, enabling attackers to execute arbitrary JavaScript in the victim’s browser. The issue can be exploited without authentication and has severe impact, including information disclosure, and privilege escalation and modifications of administrative settings. This issue has been patched in version 1.1.0.

Basic Information

ID CVE-2025-62716

Source GitHub_M

Published Oct 24, 2025 at 20:06

Modified Oct 24, 2025 at 20:28

Affected Product

Vendor makeplane

Product plane

Version < 1.1.0

Affected Versions makeplane plane < 1.1.0

CWE Classification

CWE-79 CWE-601

References

github.com /makeplane/plane/security/advisories/GHSA-6fj7-xgpg-mj6f

{
    "lastseen": "",
    "description": "Plane is open-source project management software. Prior to version 1.1.0, an open redirect vulnerability in the ?next_path query parameter allows attackers to supply arbitrary schemes (e.g., javascript:) that are passed directly to router.push. This results in a cross-site scripting (XSS) vulnerability, enabling attackers to execute arbitrary JavaScript in the victim\u2019s browser. The issue can be exploited without authentication and has severe impact, including information disclosure, and privilege escalation and modifications of administrative settings. This issue has been patched in version 1.1.0.",
    "published": "2025-10-24T20:06:18.446Z",
    "modified": "2025-10-24T20:28:13.981Z",
    "type": "cve",
    "title": "Plane Vulnerable to Cross-Site Scripting via Open Redirect in ?next_path Parameter",
    "source": "GitHub_M",
    "references": "https://github.com/makeplane/plane/security/advisories/GHSA-6fj7-xgpg-mj6f",
    "id": "CVE-2025-62716",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-601"
    ],
    "cvelist": null,
    "sourceData": "makeplane plane < 1.1.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.1,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "plane",
    "version": "< 1.1.0",
    "vendor": "makeplane",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Plane Vulnerable to Cross-Site Scripting via Open Redirect in ?next_path Parameter_CVE-2025-62716