Vulnerability Description
Input from search query parameter in GOV CMS is not sanitized properly, leading to a Blind SQL injection vulnerability, which might be exploited by an unauthenticated remote attacker. Versions 4.0 and above are not affected.
Related Weaknesses (CWE)
References
- https://cert.pl/posts/2025/09/CVE-2025-7385
- https://sam3.pl/strona-305-za_co_nas_cenia_redaktorzy.html
FAQ
What is CVE-2025-7385?
CVE-2025-7385 is a documented vulnerability. Input from search query parameter in GOV CMS is not sanitized properly, leading to a Blind SQL injection vulnerability, which might be exploited by an unauthenticated remote attacker. Versions 4.0 a...
How severe is CVE-2025-7385?
CVSS scoring is not yet available for CVE-2025-7385. Check NVD for updates.
Is there a patch for CVE-2025-7385?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.