Vulnerability Description
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.3, an open redirect vulnerability exists in the OpenCTI platform's SAML authentication endpoint (/auth/saml/callback). By manipulating the RelayState parameter, an attacker can force the server to issue a 302 redirect to any external URL, enabling phishing, credential theft, and arbitrary site redirection. This issue has been patched in version 6.8.3.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Citeum | Opencti | < 6.8.3 |
Related Weaknesses (CWE)
References
- https://github.com/OpenCTI-Platform/opencti/commit/f755165a26888925c4a58018f7238Patch
- https://github.com/OpenCTI-Platform/opencti/releases/tag/6.8.3Release Notes
- https://github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-jc3f-c62g-vThird Party Advisory
FAQ
What is CVE-2025-61782?
CVE-2025-61782 is a vulnerability with a CVSS score of 5.4 (MEDIUM). OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.3, an open redirect vulnerability exists in the OpenCTI platform's SAML authen...
How severe is CVE-2025-61782?
CVE-2025-61782 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-61782?
Check the references section above for vendor advisories and patch information. Affected products include: Citeum Opencti.