Unrated severityOSV Advisory· Published Dec 17, 2025· Updated Dec 19, 2025
AVideo < 20.1 Open Redirect via cancelUri Parameter
CVE-2025-34439
Description
AVideo versions prior to 20.1 are vulnerable to an open redirect flaw due to missing validation of the cancelUri parameter during user login. An attacker can craft a link to redirect users to arbitrary external sites, enabling phishing attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4- github.com/WWBN/AVideo/commit/88bc40427bmitrepatch
- chocapikk.com/posts/2025/avideo-security-vulnerabilities/mitretechnical-descriptionexploit
- www.vulncheck.com/advisories/avideo-open-redirect-via-canceluri-parametermitrethird-party-advisory
- github.com/WWBN/AVideo/commit/4a53ab2056mitrerelease-notes
News mentions
0No linked articles in our index yet.