CVE-2025-70037

EUVD-2025-208432
An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in linagora Twake v2023.Q1.1223. This allows attackers to obtain sensitive information and execute arbitrary code.
Open Redirect
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.1 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
linagoratwake
2023.q1.1223:q1.1223
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://gist.github.com/zcxlighthouse/0ca0e8750ad14964fa0ce24137ed346d
https://github.com/linagora
https://github.com/linagora/Twake