Uncaught Exception
CVE-2025-13064
Summary
A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with.
- LOW
- ADJACENT_NETWORK
- NONE
- UNCHANGED
- NONE
- HIGH
- NONE
- HIGH
CWE-248 - Uncaught Exception
An exception is thrown from a function, but it is not caught.
References
Advisory Timeline
- Published
