Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-29c2-7qg3-7c74

Опубликовано: 29 дек. 2025
Источник: github
Github: Не прошло ревью
CVSS4: 8.7
CVSS3: 7.5

Описание

BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.

BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.

Ссылки

EPSS

Процентиль: 29%
0.00103
Низкий

8.7 High

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2025-15227

Дефекты

CWE-22
CWE-36

Связанные уязвимости

nvd логотип

CVE-2025-15227

CVSS3: 7.5
nvd
около 1 месяца назад

BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.

EPSS

Процентиль: 29%
0.00103
Низкий

8.7 High

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2025-15227

Дефекты

CWE-22
CWE-36