CVE-2025-12140 PUBLISHED

RCE in Wirtualna Uczelnia

Assigner: CERT-PL
Reserved: 24.10.2025 Published: 27.11.2025 Updated: 28.11.2025

The application contains an insecure 'redirectToUrl' mechanism that incorrectly processes the value of the 'redirectUrlParameter' parameter. The application interprets the supplied string as a Java expression, allowing an unauthenticated attacker to perform arbitrary code execution. This issue was fixed in version wu#2016.1.5513#0#20251014_113353.
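As an added illustration (not code from the advisory, from Simple SA, or from Wirtualna Uczelnia), the defect class described above, CWE-95, shown beside a hardened form that treats the redirect parameter strictly as data. The expression engine is assumed to be Spring's SpEL and the allow-listed host is a placeholder; the advisory does not disclose the vendor's implementation.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Set;
// Assumption: Spring's SpEL is used as the expression engine; the advisory does not name it.
import org.springframework.expression.ExpressionParser;
import org.springframework.expression.spel.standard.SpelExpressionParser;

public class RedirectTarget {
    // Vulnerable pattern (CWE-95): the redirect parameter is parsed and evaluated
    // as an expression, so whatever the client sends is executed as code.
    static String vulnerableTarget(String redirectUrlParameter) {
        ExpressionParser parser = new SpelExpressionParser();
        Object value = parser.parseExpression(redirectUrlParameter).getValue();
        return String.valueOf(value);
    }

    // Placeholder host allow-list; a real deployment lists its own hostnames.
    private static final Set<String> ALLOWED_HOSTS = Set.of("wu.example.edu");

    // Hardened pattern: the parameter is data only. It is parsed as a URI, never
    // evaluated, and must be a same-site path or an https URL to an allow-listed host.
    static String safeTarget(String redirectUrlParameter) {
        if (redirectUrlParameter == null || redirectUrlParameter.isBlank()) return "/";
        URI uri;
        try {
            uri = new URI(redirectUrlParameter);
        } catch (URISyntaxException e) {
            return "/";  // malformed input (including backslashes) falls back to the home page
        }
        if (!uri.isAbsolute()) {
            // Relative target: require a leading "/" and no authority part, which
            // rejects protocol-relative forms such as "//other-host/path".
            String path = uri.getPath();
            if (uri.getAuthority() == null && path != null && path.startsWith("/")) {
                return uri.toString();
            }
            return "/";
        }
        if ("https".equalsIgnoreCase(uri.getScheme()) && uri.getHost() != null
                && ALLOWED_HOSTS.contains(uri.getHost().toLowerCase())) {
            return uri.toString();
        }
        return "/";  // any other scheme (javascript:, data:, http:) or host is refused
    }

    public static void main(String[] args) {
        System.out.println(safeTarget("/student/home"));
        System.out.println(safeTarget("//other-host/path"));
    }
}
```

The hardened method never hands the parameter to an evaluator; a redirect target that fails validation is replaced with the site root rather than rewritten.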

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS Score: 9.3

Product Status

Vendor: Simple SA
Product: Wirtualna Uczelnia
Versions (default: unaffected):
  • affected from 0 to wu#2016.1.5513#0#20251014_113353 (excl.)

Credits

  • Marcin Ressel (finder)

References

Problem Types

  • CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')

Impacts

  • CAPEC-242 Code Injection