Vulnerability Description
A vulnerability was detected in givanz Vvveb 1.0.6.1. Impacted is an unknown function. The manipulation results in session fixiation. The attack can be launched remotely. The exploit is now public and may be used. Upgrading to version 1.0.7 is recommended to address this issue. The patch is identified as d4b1e030066417b77d15b4ac505eed5ae7bf2c5e. You should upgrade the affected component.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vvveb | Vvveb | < 1.0.7 |
Related Weaknesses (CWE)
References
- https://github.com/givanz/Vvveb/commit/d4b1e030066417b77d15b4ac505eed5ae7bf2c5ePatch
- https://github.com/givanz/Vvveb/issues/312ExploitIssue TrackingMitigation
- https://github.com/givanz/Vvveb/issues/312#issuecomment-2977995664Issue Tracking
- https://github.com/givanz/Vvveb/releases/tag/1.0.7Release Notes
- https://github.com/kwerty138/Session-Fixation-in-Vvveb-CMS-v1.0.6.1ExploitMitigation
- https://vuldb.com/?ctiid.318643Permissions RequiredVDB Entry
- https://vuldb.com/?id.318643Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.623135Third Party AdvisoryVDB Entry
- https://github.com/givanz/Vvveb/issues/312ExploitIssue TrackingMitigation
- https://github.com/helloandrewpaul/Session-Fixation-in-Vvveb-CMS-v1.0.6.1ExploitMitigation
FAQ
What is CVE-2025-8517?
CVE-2025-8517 is a vulnerability with a CVSS score of 6.3 (MEDIUM). A vulnerability was detected in givanz Vvveb 1.0.6.1. Impacted is an unknown function. The manipulation results in session fixiation. The attack can be launched remotely. The exploit is now public and...
How severe is CVE-2025-8517?
CVE-2025-8517 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-8517?
Check the references section above for vendor advisories and patch information. Affected products include: Vvveb Vvveb.