CVE-2025-0705

Name of the Vulnerable Software and Affected Versions JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d

Description A vulnerability has been found in the qrCode function of the file src/main/java/io/github/controller/QrCodeController.java. The manipulation of the text argument leads to an open redirect. The attack can be launched remotely.

Recommendations As a temporary workaround, consider disabling the qrCode function until a fix is available. Restrict access to the QrCodeController.java file to minimize the risk of exploitation. Avoid using the text argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.