Open Redirect Vulnerability in Red Hat Single Sign-On
CVE-2025-12789

6.1MEDIUM

Key Information:

Vendor: Red Hat
Status: Red Hat Single Sign-on 7
Vendor: CVE Published:; 6 November 2025

What is CVE-2025-12789?

A flaw exists in Red Hat Single Sign-On that leads to an Open Redirect vulnerability during the logout process. This issue arises from the improper validation of the redirect_uri parameter utilized in the openid-connect logout protocol, potentially allowing attackers to redirect users to arbitrary locations after logging out, which may compromise security and user trust.

References

https://access.redhat.com/security/cve/CVE-2025-12789

vdb-entryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2413001

issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 6, 2025
Vulnerability Reserved
Nov 6, 2025

Credit

Red Hat would like to thank Edcarlos Junior for reporting this issue.

JSON