CVE-2025-34440
AVideo < 20.1 Open Redirect via siteRedirectUri Parameter
CVSS Score
0.0
EPSS Score
0.1%
EPSS Percentile
16th
AVideo versions prior to 20.1 contain an open redirect vulnerability caused by insufficient validation of the siteRedirectUri parameter during user registration. Attackers can redirect users to external sites, facilitating phishing attacks.
| CWE | CWE-601 |
| Vendor | world wide broadcast network |
| Product | avideo |
| Published | Dec 17, 2025 |
| Last Updated | May 14, 2026 |
Stay Ahead of the Next One
Get instant alerts for world wide broadcast network avideo
Be the first to know when new unknown vulnerabilities affecting world wide broadcast network avideo are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
World Wide Broadcast Network / AVideo
0 < 20.1
References
github.com: https://github.com/WWBN/AVideo/commit/4a53ab2056 github.com: https://github.com/WWBN/AVideo/commit/77c70019b0 vulncheck.com: https://www.vulncheck.com/advisories/avideo-open-redirect-via-siteredirecturi-parameter chocapikk.com: https://chocapikk.com/posts/2025/avideo-security-vulnerabilities/
Credits
Valentin Lobstein (Chocapikk)