CVE-2025-8887
6.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Summary
Authorization Bypass Through User-Controlled Key, Missing Authorization, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Usta Information Systems Inc. Aybs Interaktif allows Forceful Browsing, Parameter Injection, Input Data Manipulation.
This issue affects Aybs Interaktif: from 2024 through 28082025.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Usta Information Systems Inc. | Aybs Interaktif | 2024 <= 28082025 | affected |
Weaknesses
- CWE-639: CWE-639 Authorization Bypass Through User-Controlled Key
- CWE-862: CWE-862 Missing Authorization
- CWE-200: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.usom.gov.tr/bildirim/tr-25-0329
- https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0329
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.