CVE-2025-6552 | java-aodeng Hope-Boot 1.0.0 Login WebController.java doLogin redirect_url

A vulnerability was found in java-aodeng Hope-Boot 1.0.0. It has been classified as problematic. Affected is the function doLogin of the file /src/main/java/com/hope/controller/WebController.java of the component Login. The manipulation of the argument redirect_url leads to open redirect.

This vulnerability is traded as CVE-2025-6552. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-6552 | java-aodeng Hope-Boot 1.0.0 Login WebController.java doLogin redirect_url

Post correlati

CVE-2023-52111 | Huawei HarmonyOS/EMUI BootLoader Module improper authentication

CVE-2024-7741 | wanglongcn ltcms 1.0.20 API Endpoint /api/file/downloadfile downloadFile path traversal

CVE-2025-27426 | Mozilla Firefox up to 135 on iOS redirect

CVE-2025-4815 | Campcodes Sales and Inventory System 1.0 supplier_update.php Name sql injection