CVE-2025-50904

Critical CVSS: 9.8

There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 (2025-06-11). An attacker can exploit this vulnerability to access /admin/ API without any token.

Vendor

Winterchens

Product

My-site

CWE

CWE-288

Yayın Tarihi

2025-08-20 17:15:36

Güncelleme

2025-09-11 19:17:48

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-288 My-site CRITICAL Winterchens 2025

Referanslar

https://github.com/WinterChenS/my-site/issues/95

Benzer Kayıtlar

Critical

CVE-2024-53496

Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive compone…

High

CVE-2024-57152

Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access sensitive components wit…

High

CVE-2024-53495

Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive compon…

Medium

CVE-2025-8838

A vulnerability has been found in WinterChenS my-site up to 1f7525f15934d9d6a278de967f6ec9f1757738d8. This vulnerability…