How severe is CVE-2025-4328?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 3.5 out of 10.

What type of vulnerability is CVE-2025-4328?

This is classified as CWE-601, which is a common weakness in software security.

CVE-2025-4328 - MEDIUM Severity | CVSS 3.5

Vulnerability Description

A vulnerability was found in fp2952 spring-cloud-base up to 7f050dc6db9afab82c5ce1d41cd74ed255ec9bfa. It has been declared as problematic. Affected by this vulnerability is the function sendBack of the file /spring-cloud-base-master/auth-center/auth-center-provider/src/main/java/com/peng/auth/provider/config/web/MvcController.java of the component HTTP Header Handler. The manipulation of the argument Referer leads to open redirect. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

Related Vulnerabilities

CVE-2022-44718

LOW

CVSS:3.5(Low)

An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 2 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted ...

CWE-6012022

CVE-2024-37141

LOW

CVSS:3.5(Low)

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an open redirect vulnerability. A remote low privileged attacker could potentially exploit this vulnerabi...

CWE-6012024

CVE-2024-37234

LOW

CVSS:3.5(Low)

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kodezen Limited Academy LMS.This issue affects Academy LMS: from n/a through 2.0.4.

CWE-6012024

CVE-2025-2980

MEDIUM

CVSS:3.5(Low)

A vulnerability classified as problematic was found in Legrand SMS PowerView 1.x. This vulnerability affects unknown code. The manipulation of the argument redirect leads to open redirect. The attack ...

CWE-6012025

CVE-2025-5183

MEDIUM

CVSS:3.5(Low)

A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified as problematic. This issue affects some unknown processing of the component Header Handle...

CWE-6012025

CVE-2020-26836

LOW

CVSS:3.4(Low)

SAP Solution Manager (Trace Analysis), version - 720, allows for misuse of a parameter in the application URL leading to Open Redirect vulnerability, an attacker can enter a link to malicious site whi...

CWE-6012020