Vulnerability Description
In Sentry 25.1.0 through 25.5.1, an authenticated attacker can access a project's issue endpoint and perform unauthorized actions (such as adding a comment) without being a member of the project's team. A seven-digit issue ID must be known (it is not treated as a secret and might be mentioned publicly, or it could be predicted).
CVSS Score
4.2 (MEDIUM)
References
- https://github.com/getsentry/self-hosted/releases
- https://github.com/nikolas-ch/CVEs/blob/main/Sentry_Version%3E%3D25.1.0/Sentry_%
- https://github.com/nikolas-ch/CVEs/tree/main/Sentry_Version%3E%3D25.1.0
FAQ
What is CVE-2025-53073?
CVE-2025-53073 is a vulnerability in Sentry 25.1.0 through 25.5.1 with a CVSS score of 4.2 (MEDIUM). An authenticated attacker can access a project's issue endpoint and perform unauthorized actions (such as adding a comment) without being a member of the project's team.
How severe is CVE-2025-53073?
CVE-2025-53073 has been rated MEDIUM with a CVSS base score of 4.2/10.
Is there a patch for CVE-2025-53073?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.