AVideo < 20.0 Open Redirect via siteRedirectUri Parameter_CVE-2025-34440

4.8 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Description

AVideo versions prior to 20.0 contain an open redirect vulnerability caused by insufficient validation of the siteRedirectUri parameter during user registration. Attackers can redirect users to external sites, facilitating phishing attacks.

Basic Information

ID CVE-2025-34440

Source VulnCheck

Published Dec 17, 2025 at 19:48

Affected Product

Vendor World Wide Broadcast Network

Product AVideo

Affected Versions World Wide Broadcast Network AVideo 0

CWE Classification

CWE-601

References

{
    "lastseen": "",
    "description": "AVideo versions prior to 20.0 contain an open redirect vulnerability caused by insufficient validation of the siteRedirectUri parameter during user registration. Attackers can redirect users to external sites, facilitating phishing attacks.",
    "published": "2025-12-17T19:48:57.026Z",
    "modified": "2025-12-17T19:48:57.026Z",
    "type": "cve",
    "title": "AVideo < 20.0 Open Redirect via siteRedirectUri Parameter",
    "source": "VulnCheck",
    "references": "https://github.com/WWBN/AVideo/commit/4a53ab2056\nhttps://github.com/WWBN/AVideo/commit/77c70019b0\nhttps://www.vulncheck.com/advisories/avideo-open-redirect-via-siteredirecturi-parameter",
    "id": "CVE-2025-34440",
    "bulletinFamily": "",
    "cwe": [
        "CWE-601"
    ],
    "cvelist": null,
    "sourceData": "World Wide Broadcast Network AVideo 0",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "AVideo",
    "version": "0",
    "vendor": "World Wide Broadcast Network",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}