2 matches found
VulnCheck KEV: CVE-2025-69985
FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution RCE. The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trusts the HTTP "Referer" header to validate internal requests. A remote unauthenticated attacker can...
CVE-2025-69985
creationtimestamp| type| source ---|---|--- 2026-02-25 20:06:27+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfpi6yvfbv2h 2026-02-25 20:07:38+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfpib4lrfh2v 2026-03-24 17:00:40+00:00|...