| ID | CVE-2025-41772 | ||||||
| Sažetak | An unauthenticated remote attacker can obtain valid session tokens because they are exposed in plaintext within the URL parameters of the wwwupdate.cgi endpoint in UBR. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | ||||||
| Zadnje važnije ažuriranje | 11-03-2026 - 18:23 | ||||||
| Objavljeno | 09-03-2026 - 09:16 |
