Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-34439
CVE-2025-34439
AVideo versions prior to 20.1 are vulnerable to an open redirect flaw due to missing validation of the cancelUri parameter during user login. An attacker can craft a link to redirect users to arbitrary external sites, enabling phishing attacks.
Published Dec 18, 2025
https://www.vulncheck.com/advisories/avideo-open-redirect-via-canceluri-parameter
CVSS Score
Medium
6.1
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
composer
wwbn/avideo
10.4
composer
wwbn/avideo
10.8
composer
wwbn/avideo
11.1.1
composer
wwbn/avideo
11.1
composer
wwbn/avideo
11.5
composer
wwbn/avideo
11.6
composer
wwbn/avideo
11
composer
wwbn/avideo
12.4
composer
wwbn/avideo
14.3.1
composer
wwbn/avideo
14.3
composer
wwbn/avideo
14.4
composer
wwbn/avideo
18.0
1-12 of 12
CVE-2025-34439 | Components Impacted | Sonatype Guide | Sonatype Guide
