QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-55751

Back to search

CVE-2025-55751

Published: Aug 20, 2025

Modified: Aug 20, 2025

PUBLISHED

Description

OnboardLite is the result of the Influx Initiative, our vision for an improved student organization lifecycle at the University of Central Florida. An attacker can craft a link to the trusted application that, when visited, redirects the user to a malicious external site. This enables phishing, credential theft, malware delivery, and trust abuse. Any version with commit hash 6cca19e or later implements jwt signing for the redirect url parameter.

VendorProductVersions

HackUCF

OnboardLite

affected
< 6cca19ea4f47af125caa08ef82594844f039e07e

Weaknesses (CWE)

CWE-601

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now