CVE-2025-62604

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

MeterSphere is an open source continuous testing platform. Prior to version 2.10.25-lts, a logic flaw allows retrieval of arbitrary user information. This allows an unauthenticated attacker to log in to the system as any user. This issue has been patched in version 2.10.25-lts.

metersphere/metersphere
metersphere/metersphere
MeterSphere 是新一代的开源持续测试工具,内置 AI 助手,让软件测试工作更简单、更高效,不再成为持续交付的瓶颈。
GitHubGitHub
13.3K