CVE-2025-15621
Sparx Enterprise Architect Client does not verify the receiver of OAuth2 credentials during OpenID authentication
Insufficiently Protected Credentials in Sparx Systems Pty Ltd. Sparx Enterprise Architect. Client does not verify the receiver of OAuth2 credentials during OpenID authentication
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N/S:P/AU:Y/V:C/RE:M
Affected products
Sparx Systems Pty Ltd. · Sparx Enterprise ArchitectWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →