JeeSite
CVE-2025-7785
Severity: LOW
Severity by source: NVD (primary rating; the only source for this CVE)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description (source: CVE.org)
A vulnerability classified as problematic was found in thinkgem JeeSite up to 5.12.0. This vulnerability affects the function sso of the file src/main/java/com/jeesite/modules/sys/web/SsoController.java. The manipulation of the argument redirect leads to open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 3d06b8d009d0267f0255acc87ea19d29d07cedc3. It is recommended to apply a patch to fix this issue.
Analysis (AI-generated)
An open redirect in JeeSite's SSO controller lets a remote attacker send a user to an arbitrary external URL by manipulating the redirect parameter, abusing the user's trust in the legitimate JeeSite domain to support phishing or credential theft. JeeSite up to version 5.12.0 is affected. Public exploit code exists; exploitation requires user interaction (clicking a crafted link), and no active exploitation in the wild has been confirmed. The CVSS score is low (2.1) because of the user-interaction requirement and the limited impact, and the EPSS score (0.11%) likewise indicates a minimal probability of real-world exploitation.
Technical Context (AI-generated)
The vulnerability is in the SSO (Single Sign-On) controller of JeeSite, a Java-based enterprise application framework: the sso method of SsoController (src/main/java/com/jeesite/modules/sys/web/SsoController.java). The method does not validate or sanitize the redirect parameter, so an attacker can supply an arbitrary URL as the redirect target. This is a classic CWE-601 (URL Redirection to Untrusted Site, "Open Redirect") flaw: user-supplied input is passed directly to a redirect mechanism without allowlist validation or canonicalization. JeeSite versions up to 5.12.0 contain the defect, so any deployment that exposes the affected SSO endpoint is affected.
Remediation (AI-generated)
Apply the vendor patch, GitHub commit 3d06b8d009d0267f0255acc87ea19d29d07cedc3 (https://github.com/thinkgem/jeesite5/commit/3d06b8d009d0267f0255acc87ea19d29d07cedc3), which adds redirect validation to the SSO controller, and upgrade to the first JeeSite release that contains this commit. If immediate patching is not possible, add a compensating control: parse every redirect parameter and validate it against a whitelist of approved internal hosts and schemes (http/https only) before issuing any redirect response, rejecting redirects to external domains. As an additional layer, configure the reverse proxy or WAF to detect suspicious redirect patterns (for example, requests carrying redirect=http://external-domain.com) and log or block them. These mitigations add some latency and need ongoing maintenance, but they prevent exploitation until a patched release is deployed.
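The whitelist check described above, written out as an added example; this is not JeeSite's code and not the vendor patch, and the class name, method name, host names and the "/" fallback are assumptions. It parses the parameter with java.net.URI and compares the parsed host rather than matching a string prefix, and it goes slightly beyond a plain host list by also rejecting protocol-relative references, userinfo in the authority, and non-http(s) schemes, since each of those would otherwise pass a naive check.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import java.util.Set;

/**
 * Allowlist-based validation for an SSO-style redirect parameter (Java 11+).
 * Added example, not JeeSite's own code; names and hosts are assumptions.
 */
public final class RedirectValidator {

    /** Only these schemes may appear in an absolute redirect target. */
    private static final Set<String> ALLOWED_SCHEMES = Set.of("http", "https");

    private RedirectValidator() {}

    /**
     * Returns the redirect target to use: the supplied value if it is a rooted
     * local path or points at an allowlisted host, otherwise the fallback.
     */
    public static String safeTarget(String redirect, Set<String> allowedHosts, String fallback) {
        if (redirect == null || redirect.isBlank()) {
            return fallback;
        }
        final URI uri;
        try {
            uri = new URI(redirect.trim()).normalize();
        } catch (URISyntaxException e) {
            // Malformed input (backslashes, control characters, ...) is never forwarded.
            return fallback;
        }

        if (uri.getScheme() == null) {
            // Relative reference: refuse anything carrying an authority ("//host/..."
            // is protocol-relative and leaves the site) and require a rooted path.
            if (uri.getRawAuthority() != null || uri.getRawPath() == null
                    || !uri.getRawPath().startsWith("/")) {
                return fallback;
            }
            return uri.toString();
        }

        // Absolute URL: scheme, host and userinfo are each checked explicitly.
        String scheme = uri.getScheme().toLowerCase(Locale.ROOT);
        String host = uri.getHost();
        if (!ALLOWED_SCHEMES.contains(scheme) || host == null || uri.getRawUserInfo() != null) {
            return fallback;
        }
        boolean hostAllowed = allowedHosts.stream().anyMatch(h -> h.equalsIgnoreCase(host));
        return hostAllowed ? uri.toString() : fallback;
    }

    public static void main(String[] args) {
        // Constructed allowlist and constructed inputs for demonstration only.
        Set<String> allowed = Set.of("sso.example.internal", "app.example.internal");
        String[] candidates = {
            "/sys/index",                                       // local path: accepted
            "https://app.example.internal/home",                // allowlisted host: accepted
            "//attacker.example/phish",                         // protocol-relative: rejected
            "https://app.example.internal@attacker.example/",   // userinfo in authority: rejected
            "javascript:void(0)",                               // non-http scheme: rejected
            "https://attacker.example/login",                   // host not allowlisted: rejected
        };
        for (String c : candidates) {
            System.out.printf("%-50s -> %s%n", c, safeTarget(c, allowed, "/"));
        }
    }
}
```

In a Spring MVC handler the validated value is what gets returned as "redirect:" + target; the WAF rule the text suggests complements this but does not replace it, because the check belongs at the point where the redirect is issued and has to operate on the parsed URL, not on the raw query string.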