CVE-2025-7785

4.3 MEDIUM

📋 TL;DR

This CVE describes an open redirect vulnerability in JeeSite's SSO controller that allows attackers to redirect users to malicious websites. The vulnerability affects JeeSite versions up to 5.12.0 and can be exploited remotely without authentication.

💻 Affected Systems

Products:
  • thinkgem JeeSite
Versions: up to 5.12.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the SSO functionality specifically in the SsoController.java file.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Users could be redirected to phishing sites that steal credentials or deliver malware, potentially leading to account compromise or system infection.

🟠 Likely Case: Attackers use the redirect for phishing campaigns, tricking users into visiting malicious sites that appear legitimate.

🟢 If Mitigated: With proper input validation and URL whitelisting, the redirect would be blocked or validated before execution.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit has been publicly disclosed and requires minimal technical skill to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit 3d06b8d009d0267f0255acc87ea19d29d07cedc3

Vendor Advisory: https://github.com/thinkgem/jeesite5/commit/3d06b8d009d0267f0255acc87ea19d29d07cedc3

Restart Required: Yes

Instructions:

1. Update to the latest JeeSite version or apply commit 3d06b8d009d0267f0255acc87ea19d29d07cedc3.
2. Restart the application server.
3. Verify the fix by testing the redirect functionality.

🔧 Temporary Workarounds

Input Validation Filter
Applies to: all

Implement server-side validation to only allow redirects to trusted domains.

How: Implement a custom filter in web.xml or the Spring Security configuration to validate redirect URLs.
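The allow-list check that such a filter needs is shown below as an added example; it is not code from JeeSite or from the vendor commit, and it is written in Python as a portable illustration of the logic that would be ported into the Spring filter. The host names in ALLOWED_HOSTS and the helper names are constructed for the example. The check treats only "/"-rooted relative paths and absolute http(s) URLs whose host is on the allow-list as safe, and rejects the usual bypass shapes (scheme-relative "//host", backslashes, userinfo tricks, non-http schemes, control characters).

```python
from urllib.parse import urlparse

# Constructed allow-list of hosts the SSO flow may send users to (assumption).
ALLOWED_HOSTS = {"app.example.com", "sso.example.com"}

# Fallback landing page used when a redirect target is rejected.
DEFAULT_TARGET = "/"


def is_safe_redirect(target, allowed_hosts=ALLOWED_HOSTS):
    """Return True only if `target` is a same-site path or an absolute
    http(s) URL whose host is on the allow-list."""
    if not target:
        return False
    # Control characters or whitespace have no place in a redirect target
    # and are a common way to smuggle a second header or confuse parsers.
    if any(ord(c) < 0x20 or c == " " for c in target):
        return False
    # Browsers treat "\" like "/" in authority parsing; reject it outright
    # so "/\evil.example" cannot become "//evil.example".
    if "\\" in target:
        return False
    # Scheme-relative URLs ("//evil.example") resolve to an external host.
    if target.startswith("//"):
        return False

    parsed = urlparse(target)
    if not parsed.scheme and not parsed.netloc:
        # Purely relative target: only accept paths rooted at "/".
        return target.startswith("/")
    if parsed.scheme.lower() not in ("http", "https"):
        # javascript:, data:, file: and friends are never valid redirects.
        return False
    host = parsed.hostname  # strips userinfo and port, lower-cases the host
    if host is None:
        return False
    return host in allowed_hosts


def safe_redirect_target(target, allowed_hosts=ALLOWED_HOSTS,
                         default=DEFAULT_TARGET):
    """Return `target` if it passes the allow-list check, else `default`.
    This is what the SSO controller would hand to the HTTP redirect."""
    return target if is_safe_redirect(target, allowed_hosts) else default


if __name__ == "__main__":
    for t in ["/dashboard", "https://app.example.com/home",
              "http://evil.example", "//evil.example",
              "https://app.example.com@evil.example/", "javascript:alert(1)"]:
        print(f"{t!r:45} -> {safe_redirect_target(t)!r}")
```

The allow-list is matched on the exact host after urlparse has stripped userinfo and port, so "https://app.example.com@evil.example/" and "https://app.example.com.evil.example/" both fail; a prefix or substring match would let them through.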

Disable SSO Redirect Parameter
Applies to: all

Temporarily disable or restrict the redirect parameter functionality.

How: Modify SsoController.java to remove or hardcode the redirect parameter.

🧯 If You Can't Patch

  • Implement WAF rules to block malicious redirect URLs
  • Deploy network monitoring to detect suspicious redirect patterns

🔍 How to Verify

Check if Vulnerable:

Test the SSO endpoint with a malicious redirect parameter (e.g., ?redirect=http://evil.com) and check if it redirects

Check Version:

Check pom.xml or application properties for JeeSite version, or use: java -jar your-app.jar --version

Verify Fix Applied:

After patching, test the same malicious redirect parameter - it should be blocked or validated

📡 Detection & Monitoring

Log Indicators:

  • Unusual redirect patterns in access logs
  • Requests with external domains in redirect parameters

Network Indicators:

  • HTTP 302 redirects to unexpected external domains
  • Suspicious referrer patterns

SIEM Query:

http.status_code=302 AND url.query CONTAINS "redirect=" AND NOT url.destination IN (trusted_domains)
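The SIEM query above expressed as a script you can run over exported access logs, as an added example that is not part of the original advisory. It assumes combined-format access log lines, a query parameter literally named "redirect" (the advisory only says "redirect parameter"; adjust REDIRECT_PARAMS to the real name), and a constructed trusted-host list. 302 responses carrying an external destination are reported as "redirected"; the same request answered with a non-302 status is reported as "attempted", which is what you expect to see after the patch or workaround is in place.

```python
import re
from urllib.parse import urlparse, parse_qs

# Constructed sample access-log lines (combined format); not from any real host.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Aug/2025:10:01:02 +0000] "GET /sso/login?redirect=/dashboard HTTP/1.1" 302 0 "-" "Mozilla/5.0"
10.0.0.6 - - [01/Aug/2025:10:01:09 +0000] "GET /sso/login?redirect=http://evil.example/phish HTTP/1.1" 302 0 "-" "Mozilla/5.0"
10.0.0.7 - - [01/Aug/2025:10:02:15 +0000] "GET /sso/login?redirect=https://app.example.com/home HTTP/1.1" 302 0 "-" "curl/8.0"
10.0.0.8 - - [01/Aug/2025:10:03:00 +0000] "GET /sso/login?redirect=//evil.example HTTP/1.1" 302 0 "-" "Mozilla/5.0"
10.0.0.9 - - [01/Aug/2025:10:03:30 +0000] "GET /sso/login?redirect=http://evil.example HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

# Combined-format prefix: client, ident, user, [timestamp], "METHOD target PROTO", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) '
)

TRUSTED_HOSTS = {"app.example.com", "sso.example.com"}  # constructed allow-list
REDIRECT_PARAMS = ("redirect",)  # assumed parameter name


def external_redirect_hosts(target, trusted_hosts=TRUSTED_HOSTS):
    """Yield (param_value, host) for every redirect parameter in the request
    target whose destination host is not on the trusted list."""
    params = parse_qs(urlparse(target).query, keep_blank_values=True)
    for name in REDIRECT_PARAMS:
        for value in params.get(name, []):
            # urlparse gives hostname for both "http://h/..." and scheme-relative "//h".
            host = urlparse(value.replace("\\", "/")).hostname
            if host is not None and host not in trusted_hosts:
                yield value, host


def find_suspicious_redirects(log_text, trusted_hosts=TRUSTED_HOSTS):
    """Scan access-log text and return one finding per external redirect
    parameter, tagged 'redirected' when the server answered 302."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        for value, host in external_redirect_hosts(m["target"], trusted_hosts):
            findings.append({
                "ip": m["ip"],
                "time": m["ts"],
                "param_value": value,
                "destination_host": host,
                "status": int(m["status"]),
                "outcome": "redirected" if m["status"] == "302" else "attempted",
            })
    return findings


if __name__ == "__main__":
    for f in find_suspicious_redirects(SAMPLE_LOG):
        print(f"{f['outcome']:10} {f['ip']:10} -> {f['destination_host']} "
              f"(status {f['status']}, param {f['param_value']!r})")
```

Relative targets such as "/dashboard" yield no host and are ignored, and trusted absolute URLs are dropped by the allow-list; everything else is reported, so the output doubles as a post-patch check that external targets now produce "attempted" rather than "redirected".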
