CVE-2025-62192

Medium CVSS: 5.3

SQL Injection vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. If exploited, information stored in the database may be obtained or altered by an authenticated user.

Vendor

Groupsession

Product

Groupsession

CWE

CWE-89

Yayın Tarihi

2025-12-12 05:16:10

Güncelleme

2026-02-17 15:18:18

Source Identifier

vultures@jpcert.or.jp

KEV Date Added

Kategoriler

CWE-89 Groupsession MEDIUM Groupsession 2025

Referanslar

https://groupsession.jp/info/info-news/security20251208 https://jvn.jp/en/jp/JVN19940619/

Benzer Kayıtlar

Medium

CVE-2025-65120

Reflected cross-site scripting vulnerability exists in GroupSession Free edition prior to ver5.7.1, GroupSession byCloud…

Medium

CVE-2025-66284

Stored cross-site scripting vulnerabilities exist in GroupSession Free edition prior to ver5.7.1, GroupSession byCloud p…

Medium

CVE-2025-64781

In GroupSession Free edition prior to ver5.7.1, GroupSession byCloud prior to ver5.7.1, and GroupSession ZION prior to v…

Medium

CVE-2025-54407

Stored cross-site scripting vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud pr…

Medium

CVE-2025-57883

Reflected cross-site scripting vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud…

Medium

CVE-2025-58576

Cross-site request forgery vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud pri…