CVE-2025-11273 | LaChatterie Verger up to 1.2.10 provider.ts redirectToAuthorization URL deserialization

Inserito da Angelo Barbosa | Ott 4, 2025 | CVE

A vulnerability categorized as critical has been discovered in LaChatterie Verger up to 1.2.10. This impacts the function redirectToAuthorization of the file /src/main/services/mcp/oauth/provider.ts. The manipulation of the argument URL results in deserialization.

This vulnerability is identified as CVE-2025-11273. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-11273 | LaChatterie Verger up to 1.2.10 provider.ts redirectToAuthorization URL deserialization

Post correlati

CVE-2024-36390 | MileSight DeviceHub denial of service

CVE-2024-39558 | Juniper Networks Junos OS/Junos OS Evolved Routing Protocol Daemon return value (JSA83018)

CVE-2025-8418 | B Slider Plugin up to 1.1.30 on WordPress Plugin Installation activated_plugin authorization

CVE-2024-25454 | Axiomatic Bento4 1.6.0-640 Test null pointer dereference