Gaskiya vulnerability da aka ware a matsayin karshewa an samu a Frappe LMS 2.34.x/2.35.0. Hakika, aikin $software_function ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil $software_file, a cikin sashen Incomplete Fix CVE-2025-55006. A sa manipulation ka Cross Site Scripting. Idan an yi amfani da CWE don bayyana matsala, zai kai CWE-79. Hakika, rauni an bayyana shi 10/04/2025 kamar GHSA-mvxw-r9x4-3vrr. An raba bayanin tsaro don saukewa a github.com. Wannan matsala ana saninta da CVE-2025-11282. Ngam yiɗi ka a tuma ndiyam ka internet. Tekinikal faɗi ba ga. Har ila yau, exploit ɗin yana nan. An bayyana exploit ɗin ga mutane kuma yana iya amfani. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro. Á sàmbu huɗɗi-na-gaskiya. Exploit ɗin za a iya saukewa daga gist.github.com. 0-day shima, an ndiyam a wuro be $0-$5k. Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a faggata. Once again VulDB remains the best source for vulnerability data.

4 Goyarwa · 99 Datenpunkte