CVE-2025-11222

MEDIUM

Central Dogma <0.78.0 - Open Redirect

Title source: llm

Description

Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft.

Scores

CVSS v3 6.1
EPSS 0.0005
EPSS Percentile 15.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-601
Status published
Products (2)
com.linecorp.centraldogma/centraldogma-server-auth-shiro 0 - 0.78.0 Maven
linecorp/central_dogma < 0.78.0
Published Dec 04, 2025
Tracked Since Feb 18, 2026