exploitDog

CVE-2025-26523

Опубликовано: 14 фев. 2025

Источник: nvd

EPSS Низкий

Описание

This vulnerability exists in RupeeWeb trading platform due to insufficient authorization controls on certain API endpoints handling addition and deletion operations. Successful exploitation of this vulnerability could allow an authenticated remote attacker to modify information belonging to other user accounts.

Ссылки

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0020

EPSS

Процентиль: 38%

0.00164

Низкий

Дефекты

CWE-266

Связанные уязвимости

GHSA-44vh-88m4-ph9w

github

12 месяцев назад

This vulnerability exists in RupeeWeb trading platform due to insufficient authorization controls on certain API endpoints handling addition and deletion operations. Successful exploitation of this vulnerability could allow an authenticated remote attacker to modify information belonging to other user accounts.

EPSS

Процентиль: 38%

0.00164

Низкий

Дефекты

CWE-266