CVE-2025-11029

Sažetak

A weakness has been identified in givanz Vvveb up to 1.0.7.2. This vulnerability affects unknown code. Executing manipulation can lead to cross-site request forgery. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. Once again the project maintainer reacted very professional: "I accept the existence of these vulnerabilities. (...) I fixed the code to remove these vulnerabilities and will push the code to github and make a new release."

Reference

https://gist.github.com/KhanMarshaI/165ae8f63ec6b5fdf1f4123252499fce
https://gist.github.com/KhanMarshaI/db888b65cfd75bead2035348babfb423
https://vuldb.com/?ctiid.325967
https://vuldb.com/?id.325967
https://vuldb.com/?submit.657188
https://vuldb.com/?submit.657190
https://vuldb.com/?submit.657191
https://vuldb.com/?submit.657192
https://gist.github.com/KhanMarshaI/165ae8f63ec6b5fdf1f4123252499fce
https://gist.github.com/KhanMarshaI/db888b65cfd75bead2035348babfb423

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

07-10-2025 - 18:49

Objavljeno

26-09-2025 - 17:15