CVE-2025-25580 - CERT CVE

  1. CVE-2025-25580

ID CVE-2025-25580
Sažetak yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql() method at /xml/UserMapper.xml.
Reference
CVSS
Base: 6.1
Impact: 4.7
Exploitability:1.3
Pristup
VektorSloženostAutentikacija
LOCAL LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH LOW LOW
CVSS vektor CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L
Zadnje važnije ažuriranje 19-06-2025 - 00:18
Objavljeno 18-03-2025 - 15:16