CVE-2025-25477 in SysPassinfo

Zusammenfassung

von MITRE • 28.02.2025

A host header injection vulnerability in SysPass 3.2x allows an attacker to load malicious JS files from an arbitrary domain which would be executed in the victim's browser.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

MITRE

Reservieren

07.02.2025

Veröffentlichung

28.02.2025

Moderieren

akzeptiert

Eintrag

VDB-297936

CPE

bereit

CWE

CWE-74 (bestätigt)

CVSS

3.5 (VulDB)

EPSS

0.00122

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-25477
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-25477
CVE Details	https://www.cvedetails.com/cve/CVE-2025-25477/

◂ Zurück Übersicht Weiter ▸

Want to know what is going to be exploited?

We predict KEV entries!