exploitDog

CVE-2025-3790

Опубликовано: 18 апр. 2025

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

A vulnerability classified as critical has been found in baseweb JSite 1.0. This affects an unknown part of the file /druid/index.html of the component Apache Druid Monitoring Console. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Ссылки

https://github.com/caigo8/CVE-md/blob/main/JSite/durid%E6%9C%AA%E6%8E%88%E6%9D%83.md
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.305613
Permissions Required
VDB Entry
https://vuldb.com/?id.305613
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.554572
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jsite:jsite:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00075

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-266

Связанные уязвимости

GHSA-f4cr-6p7w-h5xh

CVSS3: 5.3

github

10 месяцев назад

A vulnerability classified as critical has been found in baseweb JSite 1.0. This affects an unknown part of the file /druid/index.html of the component Apache Druid Monitoring Console. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

EPSS

Процентиль: 23%

0.00075

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-266