CVE Catalog

CVE-2025-69725

MediumCVSS 4.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.22%

12th percentile - higher than 12% of all known CVEs

Summary

An Open Redirect vulnerability in the RedirectSlashes function of go-chi/chi version 5.2.2 and later allows remote attackers to redirect victims to malicious websites using the legitimate website domain.

Risk Assessment

The risk involves leveraging a trusted domain for phishing or malware distribution, potentially leading to credential theft or system compromise.

Recommendation

Immediately update go-chi/chi to a patched version and implement server-side URL validation for redirects.

Original NVD description (English source)

An Open Redirect vulnerability in the go-chi/chi >=5.2.2 RedirectSlashes function allows remote attackers to redirect victim users to malicious websites using the legitimate website domain.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS