A vulnerability marked as problematic has been reported in JeecgBoot up to 3.9.2 . Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java of the component Third-Party Login . This manipulation of the argument state causes open redirect. This vulnerability is handled as CVE-2026-11502 . The attack can be initiated remotely. Additionally, an exploit exists. The project re