CVE-2025-8057

Summary

Authorization Bypass Through User-Controlled Key, Externally Controlled Reference to a Resource in Another Sphere, Improper Authorization vulnerability in Patika Global Technologies HumanSuite allows Exploiting Trust in Client.

This issue affects HumanSuite: before 53.21.0.

Affected Software

VendorProductVersion RangeStatus
Patika Global TechnologiesHumanSuite0 < 53.21.0affected

Weaknesses

  • CWE-639: CWE-639 Authorization Bypass Through User-Controlled Key
  • CWE-610: CWE-610 Externally Controlled Reference to a Resource in Another Sphere
  • CWE-285: CWE-285 Improper Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References