CVE-2025-0578
CVE-2025-0578
Título es
CVE-2025-0578
Lun, 20/01/2025 – 02:15
Tipo
CWE-79
Gravedad v2.0
4.00
Gravedad 2.0 Txt
MEDIUM
Título en
CVE-2025-0578
Descripción en
A vulnerability was found in Facile Sistemas Cloud Apps up to 20250107. It has been classified as problematic. Affected is an unknown function of the file /account/forgotpassword of the component Password Reset Handler. The manipulation of the argument reterros leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
20/01/2025
20/01/2025
Vector CVSS:4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Vector CVSS:2.0
AV:N/AC:L/Au:S/C:N/I:P/A:N
Gravedad 4.0
5.30
Gravedad 4.0 txt
MEDIUM
Gravedad 3.1 (CVSS 3.1 Base Score)
3.50
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
LOW
Referencias
Enviar en el boletín
Off
