PT-2025-11612 · Yimioa · Yimioa

Published

2025-03-18

Updated

2025-03-18

CVE-2025-25590

CVSS v3.1

6.1

Medium

Vector

AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L

Name of the Vulnerable Software and Affected Versions yimioa versions prior to 2024.07.04

Description The issue is related to a SQL injection vulnerability. It affects the component /mapper/xml/AddressDao.xml.

Recommendations For versions prior to 2024.07.04, update to version 2024.07.04 or later to resolve the issue. As a temporary workaround, consider restricting access to the /mapper/xml/AddressDao.xml component until a patch is applied.

Exploit

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2025-25590

Affected Products

Yimioa

PT-2025-11612 · Yimioa · Yimioa

CVE-2025-25590

Weakness Enumeration

Related Identifiers

Affected Products

References · 5