Home > Vulnerability Database > CVE-2025-7763

Mend.io Vulnerability Database

CVE-2025-7763

Good to know:

Date: July 17, 2025

A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is an unknown function of the component Site Controller/SSO. The manipulation leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 3d06b8d009d0267f0255acc87ea19d29d07cedc3. It is recommended to apply a patch to fix this issue. Multiple endpoints are affected.

Severity Score

4.3

Related Resources (10)

Url: https://vuldb.com/?id.316758

Url: https://vuldb.com/?submit.616103

Url: https://vuldb.com/?ctiid.316758

Url: https://vuldb.com/?submit.616104

Url: https://github.com/thinkgem/jeesite5/issues/28

Url: https://github.com/thinkgem/jeesite5/issues/29

Url: https://github.com/thinkgem/jeesite5/issues/28#issuecomment-3045862239

Url: https://github.com/thinkgem/jeesite5/commit/3d06b8d009d0267f0255acc87ea19d29d07cedc3

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-7763

Url: https://www.mend.io/vulnerability-database/CVE-2025-7763

Severity Score

4.3

Weakness Type (CWE)

URL Redirection to Untrusted Site ('Open Redirect')

CWE-601

Top Fix

Upgrade Version

Upgrade to version https://github.com/thinkgem/jeesite5.git - no_fix

CVSS v3.1

Base Score:	4.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-7763

Good to know:

Date: July 17, 2025

Severity Score

Related Resources (10)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?