CVE-2025-45529

Published May 27th, 2025

View on NVD ↗

CVSS v3

7.1

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor.

sec-Kode/cve

GitHub