Invision Community har 4.7.20/5.0.7 oauth/callback/index.php state Cross Site Scripting
| CVSS Meta Temp Score | Garga na exploit ndiyam (≈) | CTI Nganji Score |
|---|---|---|
| 4.1 | $0-$5k | 0.00 |
Gunduma
Wuro vulnerability wey an yi classify sey karshewa an gano shi a cikin Invision Community har 4.7.20/5.0.7. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, oauth/callback/index.php na cikin fayil, $software_component na cikin sashi. Ngam manipulation of the argument state shi Cross Site Scripting. Wannan rauni ana sayar da shi da suna CVE-2025-48933. Ngam yiɗi ka a tuma ndiyam ka internet. Ba exploit ɗin da ake da shi. Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a hokkata. If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Furɗe
Wuro vulnerability wey an yi classify sey karshewa an gano shi a cikin Invision Community har 4.7.20/5.0.7. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, oauth/callback/index.php na cikin fayil, $software_component na cikin sashi. Ngam manipulation of the argument state shi Cross Site Scripting. CWE shidin ka a yi bayani matsala sai ya kai CWE-79. Gaskiya, laifi an fitar da shi ta Egidio Romano. Advisory ɗin ana rabawa don saukewa a seclists.org.
Wannan rauni ana sayar da shi da suna CVE-2025-48933. Ngam yiɗi ka a tuma ndiyam ka internet. Tekinikal bayani ga. Wannan vulnerability ɗin ba shi da yawa sosai. Ba exploit ɗin da ake da shi. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro.
Á wúro a wondi feere.
Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a hokkata.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Kayan
Ngilabe
Sunu
Furɗe
- 4.7.0
- 4.7.1
- 4.7.2
- 4.7.3
- 4.7.4
- 4.7.5
- 4.7.6
- 4.7.7
- 4.7.8
- 4.7.9
- 4.7.10
- 4.7.11
- 4.7.12
- 4.7.13
- 4.7.14
- 4.7.15
- 4.7.16
- 4.7.17
- 4.7.18
- 4.7.19
- 4.7.20
- 5.0.0
- 5.0.1
- 5.0.2
- 5.0.3
- 5.0.4
- 5.0.5
- 5.0.6
- 5.0.7
CPE 2.3
CPE 2.2
CVSSv4
VulDB Furɗo: 🔒VulDB Gaskiya: 🔍
CVSSv3
VulDB Meta Base Score: 4.3VulDB Meta Temp Score: 4.1
VulDB Ganda Borno: 4.3
VulDB Temp Score: 4.1
VulDB Furɗo: 🔒
VulDB Gaskiya: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vektar | Kumpleksiti | Authentisierung | Kariyandi | Gaskiya | Gashina |
|---|---|---|---|---|---|
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
VulDB Ganda Borno: 🔒
VulDB Temp Score: 🔒
VulDB Gaskiya: 🔍
Gargajiya
Klasu: Cross Site ScriptingCWE: CWE-79 / CWE-94 / CWE-74
CAPEC: 🔒
ATT&CK: 🔒
Fizikal: Ayi
Gumti: Ayi
Gana: Ee
Gashina: 🔒
Halitta: A wondi feere
Google Hack: 🔒
Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔒
| 0-Day | furu | furu | furu | furu |
|---|---|---|---|---|
| Lale | furu | furu | furu | furu |
Bayani na barazana
Ngam: 🔍Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍
Kari gamji
Garga: GargajiyaHalitta: 🔍
0-Day Gana: 🔒
Gargajiya: Community 4.7.21/5.0.8
Waktin layi
07/30/2025 Advisory ganna fa.07/30/2025 VulDB gite be nayi
07/30/2025 VulDB gite wuro karshe ta gyara
Ngizim
Gargaaji: seclists.orgNgamti: Egidio Romano
Halitta: Gaskiya
CVE: CVE-2025-48933 (🔒)
GCVE (CVE): GCVE-0-2025-48933
GCVE (VulDB): GCVE-100-318275
Gumti
Súgá: 07/30/2025 10:07Goyarwa: 07/30/2025 10:07 (54)
Gadankam: 🔍
Cache ID: 253:4CB:103
A ga wuroyo kulu. Kàlàmbe: kr + en.
Ngam loga ka, kanyi shidin dum.