CVE-2025-4129

CVSS v3.1

7.5

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions PAVO Pay versions prior to 13.05.2025

Description PAVO Pay is susceptible to an authorization bypass due to the exploitation of trusted identifiers through a user-controlled key.

Recommendations Update PAVO Pay to version 13.05.2025 or later.

Fix

IDOR

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

CVE-2025-4129

Pavo Pay