exploitDog

GHSA-mcgh-w82f-hgp3

Опубликовано: 20 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 (2025-06-11). An attacker can exploit this vulnerability to access /admin/ API without any token.

There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 (2025-06-11). An attacker can exploit this vulnerability to access /admin/ API without any token.

Ссылки

EPSS

Процентиль: 31%

0.00115

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-288

Связанные уязвимости

CVE-2025-50904

CVSS3: 9.8

nvd

6 месяцев назад

There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 (2025-06-11). An attacker can exploit this vulnerability to access /admin/ API without any token.

EPSS

Процентиль: 31%

0.00115

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-288