CVE-2025-6552 – Apache Hope-Boot Java Open Redirect Vulnerability

June 24, 2025

CVE ID : CVE-2025-6552

Published : June 24, 2025, 3:15 a.m. | 2 hours, 1 minute ago

Description : A vulnerability was found in java-aodeng Hope-Boot 1.0.0. It has been classified as problematic. Affected is the function doLogin of the file /src/main/java/com/hope/controller/WebController.java of the component Login. The manipulation of the argument redirect_url leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-52972 – Apache HTTP Server Command Injection

Next Article CVE-2025-52979 – Apache HTTP Server Cross-Site Request Forgery

Highlights

CVE-2025-4453 – D-Link DIR-619L Remote Command Injection Vulnerability

May 9, 2025

CVE ID : CVE-2025-4453

Published : May 9, 2025, 3:15 a.m. | 22 minutes ago

Description : A vulnerability was found in D-Link DIR-619L 2.04B04. It has been classified as critical. This affects the function formSysCmd. The manipulation of the argument sysCmd leads to command injection. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Agent Mode for Gemini added to Android Studio

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

Where to buy a Meta Quest 3S Xbox Edition — and why it’s a better bargain than the “normal” Meta Quest 3S

Vite 7.0 Is Out

Vite 7.0 Is Out

Exploring JavaScript ES2025 Edition

Mastering Mixed DML Operations in Apex

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

CVE-2025-6552 – Apache Hope-Boot Java Open Redirect Vulnerability

Rogue WordPress Plugin Unmasked: Stealthy Malware Skims Credit Cards & Steals Credentials

Urgent Advantech Alert: Critical Flaws (CVSS 9.6) Expose Industrial Automation to Remote Takeover, PoC Releases

CVE-2025-49164 – Arris VIP1113 TV Set-Top Box Firmware Decryption Key Disclosure

CVE-2025-44831 – EngineerCMS SQL Injection Vulnerability

First Copy Watches Online | FREE Shipping & COD Available

CVE-2025-48275 – Dastan800 Visual Header Missing Authorization Vulnerability

CVE-2025-4453 – D-Link DIR-619L Remote Command Injection Vulnerability

CVE-2025-28986 – Webaholicson Epicwin Plugin CSRF SQL Injection

How AI Agents Store, Forget, and Retrieve? A Fresh Look at Memory Operations for the Next-Gen LLMs

14 Best Free and Open Source Linux GUI Flashcard Software

CVE-2025-6552 – Apache Hope-Boot Java Open Redirect Vulnerability

Related Posts