CVE-2025-4838 – Kanwangzjm Funiture Open Redirect Vulnerability

May 17, 2025

CVE ID : CVE-2025-4838

Published : May 17, 2025, 10:15 p.m. | 2 hours, 31 minutes ago

Description : A vulnerability, which was classified as problematic, was found in kanwangzjm Funiture up to 71ca0fb0658b3d839d9e049ac36429207f05329b. Affected is the function doPost of the file /funiture-master/src/main/java/com/app/mvc/acl/servlet/LoginServlet.java of the component Login. The manipulation of the argument ret leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4918 – Firefox ESR JavaScript Promise Out-of-Bounds Access

Next Article CVE-2025-4837 – Projectworlds Student Project Allocation System SQL Injection Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Microsoft’s allegiance isn’t to OpenAI’s pricey models — Satya Nadella’s focus is selling any AI customers want for maximum profits

If you think you can do better than Xbox or PlayStation in the Console Wars, you may just want to try out this card game

Surviving a 10 year stint in dev hell, this retro-styled hack n’ slash has finally arrived on Xbox

Save $400 on the best Samsung TVs, laptops, tablets, and more when you sign up for Verizon 5G Home or Home Internet

NodeSource N|Solid Runtime Release – May 2025: Performance, Stability & the Final Update for v18

NodeSource N|Solid Runtime Release – May 2025: Performance, Stability & the Final Update for v18

Big Changes at Meteor Software: Our Next Chapter

Apps in Generative AI – Transforming the Digital Experience

Microsoft’s allegiance isn’t to OpenAI’s pricey models — Satya Nadella’s focus is selling any AI customers want for maximum profits

Microsoft’s allegiance isn’t to OpenAI’s pricey models — Satya Nadella’s focus is selling any AI customers want for maximum profits

If you think you can do better than Xbox or PlayStation in the Console Wars, you may just want to try out this card game

Surviving a 10 year stint in dev hell, this retro-styled hack n’ slash has finally arrived on Xbox

CVE-2025-4838 – Kanwangzjm Funiture Open Redirect Vulnerability

Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

2025 is the year of the AI mini PC — Here are the 6 CES devices I’m most excited about

I flew to Nashville to see the one PC company actually delivering useful AI features — not just promising them

How to increase minimum VRAM on Steam Deck by adjusting UMA Frame Buffer Size

5 ways to tell people what to do at work

Microsoft finally lets Windows 10 users with multi-monitor configuration use Copilot after 7-month compatibility hold

Create Actions and Workflows with this Laravel Workflows Package

AI is Shaping the Future of Luxury Travel

How To Remove Microsoft Account From Windows 11 Step-by-Step

CVE-2025-4838 – Kanwangzjm Funiture Open Redirect Vulnerability

Related Posts