CVE-2025-4132 Information

Description

The Rapid7 corporate website prior to May 2nd 2025 suffered from a URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability: due to misconfigured headers, an attacker could redirect users to a malicious site under the attacker's control. This vulnerability has been fixed as of May 2nd 2025.

Reference

https://cwe.mitre.org/data/definitions/601.html
