Skip to content
Medium Published: Dec 16, 2025 Modified: Dec 16, 2025

CVE-2025-65581

5.3 CVSS Score Medium
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Export CVE-2025-65581 Data:
Share:
Link copied!

Description

An open redirect vulnerability exists in the Account module in Volosoft ABP Framework >= 5.1.0 and < 10.0.0-rc.2. Improper validation of the returnUrl parameter in the register function allows an attacker to redirect users to arbitrary external domains.

CVSS Vector Details

Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability Low

Weaknesses (CWE)

  • CWE-601

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

Related Vulnerabilities

CVE-2004-2260 CVSS 0 Same weakness: CWE-601 CVE-2005-0420 CVSS 0 Same weakness: CWE-601 CVE-2005-1475 CVSS 0 Same weakness: CWE-601 CVE-2005-4206 CVSS 6.1 Same weakness: CWE-601 CVE-2008-2052 CVSS 6.1 Same weakness: CWE-601

CVE History Timeline

Dec 16, 2025 18:16 New CVE Received
← Back to CVE Tracker