CVE-2025-11025
5.3
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
Insertion of Sensitive Information Into Sent Data vulnerability in Vimesoft Information Technologies and Software Inc. Vimesoft Corporate Messaging Platform allows Retrieve Embedded Sensitive Data.
This issue affects Vimesoft Corporate Messaging Platform: from V1.3.0 before V2.0.0.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Vimesoft Information Technologies and Software Inc. | Vimesoft Corporate Messaging Platform | V1.3.0 < V2.0.0 | affected |
Weaknesses
- CWE-201: CWE-201 Insertion of Sensitive Information Into Sent Data
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.usom.gov.tr/bildirim/tr-25-0300
- https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0300
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.