CVE-2025-23363

MEDIUM Year: 2025
CVSS v3 Score
7.4
High
Weakness Type
CWE-601
View all →

Vulnerability Description

A vulnerability has been identified in Teamcenter V14.1 (All versions), Teamcenter V14.2 (All versions), Teamcenter V14.3 (All versions), Teamcenter V2312 (All versions), Teamcenter V2406 (All versions), Teamcenter V2412 (All versions). The SSO login service of affected applications accepts user-controlled input that could specify a link to an external site. This could allow an attacker to redirect the legitimate user to an attacker-chosen URL to steal valid session data. For a successful exploit, the legitimate user must actively click on an attacker-crafted link.

Related Vulnerabilities

CVE-2016-0928

HIGH
CVSS:7.4(High)

Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.30 and 1.7.x before 1.7.8 allow remote attackers to redirect users to arbitrary web sites and conduct p...

CWE-6012016

CVE-2016-1000001

HIGH
CVSS:7.4(High)

flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect

CWE-6012016

CVE-2016-3174

HIGH
CVSS:7.4(High)

An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The "defer" servlet offers to redirect a client to a specified URL. Since some checks were missing, arbitrary URLs could be prov...

CWE-6012016

CVE-2016-6657

HIGH
CVSS:7.4(High)

An open redirect vulnerability has been detected with some Pivotal Cloud Foundry Elastic Runtime components. Users of affected versions should apply the following mitigation: Upgrade PCF Elastic Runti...

CWE-6012016

CVE-2017-18414

HIGH
CVSS:7.4(High)

cPanel before 67.9999.103 allows an open redirect in /unprotected/redirect.html (SEC-300).

CWE-6012017

CVE-2017-3085

HIGH
CVSS:7.4(High)

Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect.

CWE-6012017