exploitDog

CVE-2025-30186

Опубликовано: 27 нояб. 2025

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

Malicious content uploaded as file can be used to execute script code when following attacker-controlled links. Unintended actions can be executed in the context of the users account, including exfiltration of sensitive information. Please deploy the provided updates and patch releases. No publicly available exploits are known

Ссылки

https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2025/oxas-adv-2025-0003.json

EPSS

Процентиль: 12%

0.00039

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-433v-4rgp-8834

CVSS3: 5.4

github

2 месяца назад

Malicious content uploaded as file can be used to execute script code when following attacker-controlled links. Unintended actions can be executed in the context of the users account, including exfiltration of sensitive information. Please deploy the provided updates and patch releases. No publicly available exploits are known

EPSS

Процентиль: 12%

0.00039

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79