CVE-2025-28103

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-28103
Incorrect access control in laskBlog v2.6.1 allows attackers to arbitrarily delete user accounts via a crafted request.
CVSS

No CVSS.

References
Link Resource
https://gist.github.com/coleak2021/77895b7a7b335ae17eb57390f4a94917
https://github.com/DogukanUrker/flaskBlog/issues/130
Configurations

No configuration.

History

23 Apr 2025, 14:08

Type Values Removed Values Added
Summary
  • (es) El control de acceso incorrecto en laskBlog v2.6.1 permite a los atacantes eliminar arbitrariamente cuentas de usuario a travĂ©s de una solicitud manipulada especĂ­ficamente para ello.

21 Apr 2025, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-04-21 18:15

Updated : 2025-04-23 14:08

NVD link : CVE-2025-28103

Mitre link : CVE-2025-28103

CVE.ORG link : CVE-2025-28103

JSON object : View

Products Affected

No product.

CWE

No CWE.