exploitDog

CVE-2025-41441

Опубликовано: 26 мая 2025

Источник: nvd

CVSS3: 3.7

CVSS3: 5.3

EPSS Низкий

Описание

Mailform Pro CGI prior to 4.3.4 generates error messages containing sensitive information, which may allow a remote unauthenticated attacker to obtain coupon codes. This vulnerability only affects products that use the coupon feature.

Ссылки

https://jvn.jp/en/jp/JVN39546799/
Third Party Advisory
https://www.synck.com/blogs/news/newsroom/detail_1745302910.html
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:synck:mailform_pro_cgi:*:*:*:*:*:*:*:*

Версия до 4.3.4 (исключая)

EPSS

Процентиль: 13%

0.00042

Низкий

3.7 Low

CVSS3

5.3 Medium

CVSS3

Дефекты

CWE-209

Связанные уязвимости

GHSA-fwqm-5j5w-xq87

CVSS3: 3.7

github

9 месяцев назад

Mailform Pro CGI prior to 4.3.4 generates error messages containing sensitive information, which may allow a remote unauthenticated attacker to obtain coupon codes. This vulnerability only affects products that use the coupon feature.

EPSS

Процентиль: 13%

0.00042

Низкий

3.7 Low

CVSS3

5.3 Medium

CVSS3

Дефекты

CWE-209