CVE-2025-34440

Published: Dec 17, 2025

Modified: May 14, 2026

PUBLISHED

Description

AVideo versions prior to 20.1 contain an open redirect vulnerability caused by insufficient validation of the siteRedirectUri parameter during user registration. Attackers can redirect users to external sites, facilitating phishing attacks.

Vendor	Product	Versions
World Wide Broadcast Network	AVideo	affected `0 - < 20.1`

Weaknesses (CWE)

CWE-601

References

https://github.com/WWBN/AVideo/commit/4a53ab2056

release-notes

https://github.com/WWBN/AVideo/commit/77c70019b0

patch

https://www.vulncheck.com/advisories/avideo-open-redirect-via-siteredirecturi-parameter

third-party-advisory

https://chocapikk.com/posts/2025/avideo-security-vulnerabilities/

technical-description

exploit

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-34440

Description

Affected Products

Weaknesses (CWE)

References