CVE-2025-26376 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated (low-privileged)…
Medium CVSS: 6.5

CVE-2025-26376

A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated (low-privileged) attacker to modify user data via crafted HTTP requests.
Vendor
Q-free
Product
Maxtime
CWE
CWE-862
Yayın Tarihi
2025-02-12 14:15:38
Güncelleme
2025-04-10 19:54:07
Source Identifier
prodsec@nozominetworks.com
KEV Date Added
-

Kategoriler

CWE-862 Maxtime MEDIUM Q-free 2025

Referanslar

https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-26376