CVE-2025-10355

CVSS v4.0

5.1

Vector

AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Name of the Vulnerable Software and Affected Versions MOLGENIS EMX2 version 11.14.0

Description An open redirection issue exists in MOLGENIS EMX2 version 11.14.0. An attacker can craft a malicious URL using a manipulated redirection parameter, potentially redirecting users to phishing sites or other harmful destinations via “/%2f%2f”. The vulnerability involves manipulating the redirection parameter to control the destination URL.

Recommendations Apply a fix that properly validates and sanitizes the redirection parameter to prevent manipulation.

Fix

Open Redirect

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-601

Related Identifiers

CVE-2025-10355

Affected Products

Molgenis Emx2

CVE-2025-10355

Weakness Enumeration

Related Identifiers

Affected Products

References · 4