CVE-2025-53073 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

In Sentry 25.1.0 through 25.5.1, an authenticated attacker can access a project's issue endpoint and perform unauthorized actions (such as adding a comment) wit…
Medium CVSS: 4.2

CVE-2025-53073

In Sentry 25.1.0 through 25.5.1, an authenticated attacker can access a project's issue endpoint and perform unauthorized actions (such as adding a comment) without being a member of the project's team. A seven-digit issue ID must be known (it is not treated as a secret and might be mentioned publicly, or it could be predicted).
Vendor
-
Product
-
CWE
CWE-425
Yayın Tarihi
2025-06-24 18:15:26
Güncelleme
2025-06-26 18:58:14
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-425 MEDIUM 2025

Referanslar

https://github.com/getsentry/self-hosted/releases https://github.com/nikolas-ch/CVEs/blob/main/Sentry_Version%3E%3D25.1.0/Sentry_%3E%3D25.1.0_WeakAuthorizationControl.txt https://github.com/nikolas-ch/CVEs/tree/main/Sentry_Version%3E%3D25.1.0