CVE-2025-1269

MEDIUM

HAVELSAN Liman MYS <2.1.1-1010 - Open Redirect

Title source: llm

Description

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in HAVELSAN Liman MYS allows Cross-Site Flashing. This issue affects Liman MYS: before 2.1.1 - 1010.

References (3)

Core 3

Core References

Release Notes

https://github.com/limanmys/core/releases/tag/release.master.1010

Third Party Advisory, US Government Resource government-resource broken-link

https://www.usom.gov.tr/bildirim/tr-25-0038

Government Resource government-resource

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0038

Scores

CVSS v3 4.8

EPSS 0.0017

EPSS Percentile 6.5%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-601

Status published

Products (1)

HAVELSAN/Liman MYS < 2.1.1 - 1010

Published Feb 18, 2025

Tracked Since Feb 18, 2026