CVE-2025-0705

Summary

CVE-2025-0705 is a newly disclosed vulnerability affecting the JoeyBling bootplus software up to the version 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. The vulnerability lies in the qrCode function of the file src/main/java/io/github/controller/QrCodeController.java, and it enables an attacker to launch open redirects by manipulating the argument text. This issue can be exploited remotely, making it a significant concern for security. Details about affected and updated versions have not been released as the product follows a rolling release approach for continuous delivery. The exploit for this vulnerability is currently public, increasing the risk of potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.