PT-2025-43171 · Jjlemstra · Whydonate
Legion Hunter
·
Published
2025-10-22
·
Updated
2025-11-18
·
CVE-2025-49899
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Whydonate versions through 4.0.15
Description
A missing authorization flaw exists in Whydonate, potentially allowing access to functionality that should be restricted by Access Control Lists (ACLs). This could allow unauthorized access to certain features or data within the application.
Recommendations
Update Whydonate to a version later than 4.0.15.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Whydonate