Open Redirect in Kodcloud Kodexplorer

CVE-2025-34504

KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. Attackers can craft malicious URLs in the link parameter to redirect users to arbitrary external webs…

Vulnerability class: Open Redirect

EPSS: 0.001 (32.3th percentile) — read the EPSS interpretation.

Affected products

Kodcloud Kodexplorer — versions 4.52

Weakness classification (CWE)

CWE-601 — URL Redirection to Untrusted Site (Open Redirect)

References

ExploitDB-52245 (exploit)
KodExplorer Homepage (product)
KodExplorer Release Page (product)
VulnCheck Advisory: KodExplorer 4.52 Open Redirect Vulnerability via User Login Endpoint (third-party-advisory)