CVE-2025-64781
CVE-2025-64781
In GroupSession Free edition prior to ver5.7.1, GroupSession byCloud prior to ver5.7.1, and GroupSession ZION prior to ver5.7.1, "External page display restriction" is set to "Do not limit" in the initial configuration. With this configuration, the user may be redirected to an arbitrary website when accessing a specially crafted URL.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Affected products
Japan Total System Co.,Ltd. · GroupSession byCloudJapan Total System Co.,Ltd. · GroupSession Free editionJapan Total System Co.,Ltd. · GroupSession ZIONWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →