Volosoft ABP Framework Open Redirect Vulnerability in Account Module

Vulnerability

An open redirect vulnerability has been identified in the Account module of Volosoft ABP Framework, affecting versions from 5.1.0 up to, but not including, 10.0.0-rc.2. The vulnerability arises from inadequate validation of the returnUrl parameter in the registration function, allowing attackers to redirect users to arbitrary external domains.
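The kind of returnUrl validation whose absence is described above, as an added example; it is not ABP Framework code and not the project's actual fix. The class and method names, the host allow-list and the sample hosts are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;

// Added illustration: not ABP Framework code and not its actual fix.
// ReturnUrlValidator, IsLocalPath, Normalize and the sample hosts are hypothetical.
public static class ReturnUrlValidator
{
    // True only for app-relative paths such as "/account/manage".
    public static bool IsLocalPath(string url)
    {
        if (string.IsNullOrEmpty(url) || url[0] != '/') return false;
        // Browsers treat "//host" and "/\host" as scheme-relative URLs to another origin.
        if (url.Length > 1 && (url[1] == '/' || url[1] == '\\')) return false;
        // Tab, CR and LF can be stripped by browsers while parsing, so reject them.
        foreach (char c in url)
            if (char.IsControl(c)) return false;
        return true;
    }

    // Returns the input if it is local or an allow-listed HTTPS host, otherwise the fallback.
    public static string Normalize(string returnUrl, ISet<string> allowedHosts, string fallback = "/")
    {
        if (IsLocalPath(returnUrl)) return returnUrl;
        if (Uri.TryCreate(returnUrl, UriKind.Absolute, out Uri uri)
            && uri.Scheme == Uri.UriSchemeHttps
            && allowedHosts.Contains(uri.Host))   // Host excludes any userinfo before '@'
            return uri.AbsoluteUri;
        return fallback;
    }

    public static void Main()
    {
        var allowed = new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "app.example.com" };
        // Constructed sample values for the registration page's returnUrl parameter.
        string[] samples = {
            "/account/manage",
            "https://app.example.com/home",
            "https://evil.example/login",
            "//evil.example",
            "/\\evil.example",
            "https://app.example.com@evil.example/",
            null
        };
        foreach (var s in samples)
            Console.WriteLine($"{s ?? "(null)"} -> {Normalize(s, allowed)}");
    }
}
```

Only the first two samples pass through unchanged; every other value falls back to "/".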

Impact

Exploitation of this vulnerability allows for open redirect attacks, where users can be sent to malicious external sites, potentially leading to phishing or other malicious activities.

Remediation

Users can upgrade to Volosoft ABP Framework version 10.0.0-rc.2 or later to address this vulnerability.

Added: Dec 16, 2025, 7:11 PM
Updated: Dec 16, 2025, 8:20 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 7.0
remediation: 0.0
relevance: 1.5
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.