CVE-2025-42603

Name of the Vulnerable Software and Affected Versions Meon KYC solutions (affected versions not specified)

Description This issue exists due to the transmission of sensitive data in plain text within the response payloads of certain API endpoints. An authenticated remote attacker could exploit this by intercepting API responses that contain unencrypted sensitive information belonging to other users. Successful exploitation could allow a remote attacker to impersonate the target user and gain unauthorized access to the user account.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.