Home > Vulnerability Database > CVE-2025-34440

Mend.io Vulnerability Database

CVE-2025-34440

Good to know:

Date: December 17, 2025

AVideo versions prior to 20.0 contain an open redirect vulnerability caused by insufficient validation of the siteRedirectUri parameter during user registration. Attackers can redirect users to external sites, facilitating phishing attacks.

Severity Score

6.1

Related Resources (6)

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-34440

Url: https://github.com/WWBN/AVideo/commit/77c70019b0

Url: https://chocapikk.com/posts/2025/avideo-security-vulnerabilities/

Url: https://github.com/WWBN/AVideo/commit/4a53ab2056

Url: https://www.vulncheck.com/advisories/avideo-open-redirect-via-siteredirecturi-parameter

Url: https://www.mend.io/vulnerability-database/CVE-2025-34440

Severity Score

6.1

Weakness Type (CWE)

URL Redirection to Untrusted Site ('Open Redirect')

CWE-601

CVSS v3.1

Base Score:	6.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-34440

Good to know:

Date: December 17, 2025

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?