CVE-2025-34440
MEDIUM WAF: Medium
CVSS 6.1
Published: 2025-12-17
CWE-601
AVideo versions prior to 20.1 contain an open redirect vulnerability caused by insufficient validation of the siteRedirectUri parameter during user registration. Attackers can redirect users to external sites, facilitating phishing attacks.
WAF Coverage Analysis
Open Redirect
Medium WAF Coverage
OWASP: A01:2021 Broken Access Control
941xxx - XSS / XXE
Affected Software
| Vendor | Product | Version |
|---|---|---|
| wwbn | avideo | up to 20.0 |
References
- chocapikk.com
- github.com (Patch)
- github.com (Patch)
- www.vulncheck.com (Third Party Advisory)