Vulnerabilidades en CGM
25 resultadosCVE-2025-30038HIGHSession ID leakage in Zone.Identifier of downloaded filesEPSS 0.2%CVE-2025-30036HIGHStored XSS permitting session takeover of arbitrary userEPSS 0.1%CVE-2025-30063CRITICALExcessive permissions on configuration files containing database logins and passwordsEPSS 0.1%CVE-2025-30042CRITICALSession generation possible with certificate number onlyEPSS 0.1%CVE-2025-30064HIGHPossibility to generate a session for any user via the "ex:action" parameter after obtaining access to the JWT keyEPSS 0.1%