exploitDog

GHSA-rhvh-rq83-g5w7

Опубликовано: 19 мая 2025

Источник: github

Github: Не прошло ревью

CVSS4: 2.1

CVSS3: 4.8

Описание

a-blog cms multiple versions neutralize logs improperly. If this vulnerability is exploited with CVE-2025-36560, a remote unauthenticated attacker may hijack a legitimate user's session.

a-blog cms multiple versions neutralize logs improperly. If this vulnerability is exploited with CVE-2025-36560, a remote unauthenticated attacker may hijack a legitimate user's session.

Ссылки

EPSS

Процентиль: 22%

0.00073

Низкий

2.1 Low

CVSS4

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-117

Связанные уязвимости

CVE-2025-41429

CVSS3: 4.8

nvd

9 месяцев назад

a-blog cms multiple versions neutralize logs improperly. If this vulnerability is exploited with CVE-2025-36560, a remote unauthenticated attacker may hijack a legitimate user's session.

EPSS

Процентиль: 22%

0.00073

Низкий

2.1 Low

CVSS4

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-117