CVE-2025-10229 | Freshwork up to 1.2.3 /api/v2/logout post_logout_redirect_uri

A vulnerability, which was classified as problematic, was found in Freshwork up to 1.2.3. This impacts an unknown function of the file /api/v2/logout. Such manipulation of the argument post_logout_redirect_uri leads to open redirect.

This vulnerability is documented as CVE-2025-10229. The attack can be executed remotely. Additionally, an exploit exists.

You should upgrade the affected component.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More