CVE-2025-8887

CVSS v3.1

6.1

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions Usta Information Systems Inc. Aybs Interaktif versions 2024 through 28082025

Description An authorization bypass exists in Usta Information Systems Inc. Aybs Interaktif due to user-controlled keys, missing authorization checks, and exposure of sensitive information. This allows for forceful browsing, parameter injection, and manipulation of input data.

Recommendations Apply updates to address the authorization issues in versions 2024 through 28082025.

Fix

IDOR

Missing Authorization

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-639CWE-862CWE-200

Related Identifiers

CVE-2025-8887

Affected Products

Aybs Interaktif

CVE-2025-8887

Weakness Enumeration

Related Identifiers

Affected Products

References · 4