← voltar
CVE-2025-64781

CVE-2025-64781

CVSS 5.1 MEDIUMEPSS 0.2%CWE-1188
In GroupSession Free edition prior to ver5.7.1, GroupSession byCloud prior to ver5.7.1, and GroupSession ZION prior to ver5.7.1, "External page display restriction" is set to "Do not limit" in the initial configuration. With this configuration, the user may be redirected to an arbitrary website when accessing a specially crafted URL.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Produtos afetados
Japan Total System Co.,Ltd. · GroupSession byCloudJapan Total System Co.,Ltd. · GroupSession Free editionJapan Total System Co.,Ltd. · GroupSession ZION

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://groupsession.jp/info/info-news/security20251208https://jvn.jp/en/jp/JVN19940619/