216.73.217.176

CVE-2025-5522

· Published 03/06/2025 19:15 · Modified 04/06/2025 14:54

Labels: CVE-2025-5522 2025-06-03CVE-2025-5522CWE-266[email protected]

Essential information

Published
03/06/2025 19:15
Modified
04/06/2025 14:54
Author
Creator
CVSS
6.9 MEDIUM (v3) 6.9 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability was found in jack0240 魏 bskms 蓝天幼儿园管理系统 up to dffe6640b5b54d8e29da6f060e0493fea74b3fad. It has been rated as critical. Affected by this issue is some unknown functionality of the file /sa/addUser of the component User Creation Handler. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
jack0240 / bskms cpe:2.3:a:jack0240:bskms:*:*:*:*:*:*:*:*

References