What the vulnerability does
01Description
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
CVE-2025-55060
MEDIUM
CVE-2025-55060: Priority - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CVSS base score
6.1/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Key dates
02Disclosure timeline
December 29, 2025
CVE published
December 29, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-39364 Open redirect in change password functionality in Cacti
CVE-2024-41801 OpenProject packaged installation has Open Redirect Vulnerability in Sign-In in default configuration
CVE-2021-39191 URL Redirection to Untrusted Site ('Open Redirect') in mod_auth_openidc
CVE-2018-13813
CVE-2020-8143
