CVE-2025-8838

Name of the Vulnerable Software and Affected Versions: WinterChenS my-site (affected versions not specified)

Description: A vulnerability exists in the preHandle function of the /admin/ file within the Backend Interface component. Manipulation of the uri argument results in improper authentication. The attack can be initiated remotely. The exploit has been disclosed publicly. The existence of this vulnerability is currently doubted. The product utilizes a rolling release model, and therefore, specific version details for affected or updated releases are unavailable. The code maintainer reported that accessing the vulnerable link automatically redirects to the login page.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.