CVE-2025-11222

Published Dec 4, 2025

Last updated 4 months ago

CVSS medium 6.1

Overview

Description: Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft.
Source: dl_cve@linecorp.com
NVD status: Analyzed
Products: central_dogma

Risk scores

CVSS 3.1

Type: Secondary
Base score: 6.1
Impact score: 2.7
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-601

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:linecorp:central_dogma:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "73E1ACB6-C142-4B9E-91CB-7551C00F79ED",
            "versionEndExcluding": "0.78.0",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass.•CVE-2024-1143

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References