What is the CVSS score of CVE-2025-61782?

CVE-2025-61782 has a CVSS 3.1 base score of 5.4 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N. EPSS exploitation probability: 0.1%.

Which versions of Open Redirect are affected by CVE-2025-61782?

Organizations using OpenCTI should be aware of moderate risk from CVE-2025-61782 rated CVSS 5.4. Exploitation could compromise the security of affected deployments.. A patch is available.

How to fix or mitigate CVE-2025-61782?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Vendor patch is available.

Open Redirect CVE-2025-61782

MEDIUM

URL Redirection to Untrusted Site (Open Redirect) (CWE-601)

2026-01-07 security-advisories@github.com

Open Redirect Opencti

5.4

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

5.4 MEDIUM

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

Patch released

Jan 20, 2026 - 18:50 nvd

Patch available

CVE Published

Jan 07, 2026 - 18:15 nvd

MEDIUM 5.4

DescriptionGitHub Advisory

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.3, an open redirect vulnerability exists in the OpenCTI platform's SAML authentication endpoint (/auth/saml/callback). By manipulating the RelayState parameter, an attacker can force the server to issue a 302 redirect to any external URL, enabling phishing, credential theft, and arbitrary site redirection. This issue has been patched in version 6.8.3.

AnalysisAI

Opencti versions up to 6.8.3 is affected by url redirection to untrusted site (open redirect) (CVSS 5.4).

Technical ContextAI

This vulnerability (CWE-601: URL Redirection to Untrusted Site (Open Redirect)) affects Opencti. OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.3, an open redirect vulnerability exists in the OpenCTI platform's SAML authentication endpoint (/auth/saml/callback). By manipulating the RelayState parameter, an attacker can force the server to issue a 302 redirect to any external URL, enabling phishing, credential theft, and arbitrary site redirection. This issue has been patched in version 6.8.3.

RemediationAI

A vendor patch is available — apply it immediately. Fixed in version 6.8.3.. Restrict network access to the affected service where possible.

More from same product – last 7 days

CVE-2026-53523 MEDIUM This Month

6.8 Jun 12

Host header injection in Nezha Monitoring versions 1.0.0 through 2.2.0 allows unauthenticated remote attackers to redire

CVE-2026-50089 MEDIUM This Month

6.1 Jun 12

Open redirect in the Aqara IAM/SSO Gateway (gw-builder.aqara.com) allows remote unauthenticated attackers to craft Aqara

CVE-2026-9679 MEDIUM This Month

5.9 Jun 17

HTTP response header injection in undici's cookie parser exposes proxy, middleware, and SSR framework applications to se

CVE-2026-10837 MEDIUM This Month

5.1 Jun 17

Open redirection in Password Manager exposes users to phishing attacks by failing to validate the X-Forwarded-Host HTTP

CVE-2026-10839 MEDIUM This Month