CVE-2025-11025

Sažetak

Insertion of Sensitive Information Into Sent Data vulnerability in Vimesoft Information Technologies and Software Inc. Vimesoft Corporate Messaging Platform allows Retrieve Embedded Sensitive Data. This issue affects Vimesoft Corporate Messaging Platform: from V1.3.0 before V2.0.0.

Reference

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0300
https://www.usom.gov.tr/bildirim/tr-25-0300

CVSS

Base:	5.3
Impact:	3.6
Exploitability:	1.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	NONE	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Zadnje važnije ažuriranje

04-06-2026 - 20:16

Objavljeno

26-09-2025 - 13:15