CVE-2025-34504

EUVD-2025-202934
KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. Attackers can craft malicious URLs in the link parameter to redirect users to arbitrary external websites after authentication.
Open Redirect
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.1 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
Affected Products (NVD)
VendorProductVersion
kodcloudkodexplorer
4.52
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/kalcaddle/KodExplorer/releases/tag/4.52
https://kodcloud.com/
https://www.exploit-db.com/exploits/52245
https://www.vulncheck.com/advisories/kodexplorer-open-redirect-vulnerability-via-user-login-endpoint