KodExplorer 4.52 Open Redirect Vulnerability via User Login Endpoint

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Description

KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. Attackers can craft malicious URLs in the link parameter to redirect users to arbitrary external websites after authentication.

Basic Information

ID CVE-2025-34504

Source VulnCheck

Published Dec 11, 2025 at 21:43

Affected Product

Vendor kodcloud

Product KodExplorer

Version 4.52

Affected Versions kodcloud KodExplorer 4.52

CWE Classification

CWE-601

References

{
    "lastseen": "",
    "description": "KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. Attackers can craft malicious URLs in the link parameter to redirect users to arbitrary external websites after authentication.",
    "published": "2025-12-11T21:43:45.437Z",
    "modified": "2025-12-11T21:43:45.437Z",
    "type": "cve",
    "title": "KodExplorer 4.52 Open Redirect Vulnerability via User Login Endpoint",
    "source": "VulnCheck",
    "references": "https://www.exploit-db.com/exploits/52245\nhttps://kodcloud.com/\nhttps://github.com/kalcaddle/KodExplorer/releases/tag/4.52\nhttps://www.vulncheck.com/advisories/kodexplorer-open-redirect-vulnerability-via-user-login-endpoint",
    "id": "CVE-2025-34504",
    "bulletinFamily": "",
    "cwe": [
        "CWE-601"
    ],
    "cvelist": null,
    "sourceData": "kodcloud KodExplorer 4.52",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "KodExplorer",
    "version": "4.52",
    "vendor": "kodcloud",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

KodExplorer 4.52 Open Redirect Vulnerability via User Login Endpoint_CVE-2025-34504