CVE-2025-41429

CVSS 2.1 LOWEPSS 0.4%CWE-117

a-blog cms multiple versions neutralize logs improperly. If this vulnerability is exploited with CVE-2025-36560, a remote unauthenticated attacker may hijack a legitimate user's session.

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Productos afectados

appleple inc. · a-blog cms

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://developer.a-blogcms.jp/blog/news/JVNVU-90760614.html https://jvn.jp/en/vu/JVNVU90760614/