Open Redirect Vulnerability in Thinkgem JeeSite Web Application
CVE-2025-7863

5.1MEDIUM

Key Information:

Vendor

Thinkgem

Status
Jeesite
Vendor
CVE Published:
20 July 2025

What is CVE-2025-7863?

A vulnerability has been identified in the Thinkgem JeeSite web application, specifically in the redirectUrl function within the ServletUtils.java file. This vulnerability enables an attacker to manipulate the URL argument, potentially leading to an open redirect scenario. The threat can be executed remotely, posing risks to users as they may be redirected to malicious sites without their consent. To mitigate this vulnerability, it is crucial to apply the recommended patch associated with the identified issue.

Affected Version(s)

JeeSite 5.0

JeeSite 5.1

JeeSite 5.2

References

https://vuldb.com/?id.316976
vdb-entrytechnical-description
https://vuldb.com/?ctiid.316976
signaturepermissions-required
https://vuldb.com/?submit.618188
third-party-advisory

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

ZAST.AI (VulDB User)
.
CVE-2025-7863 : Open Redirect Vulnerability in Thinkgem JeeSite Web Application