CVE-2025-10423

A vulnerability was found in newbee-mall 1.0. Impacted is the function mallKaptcha of the file /common/mall/kaptcha. The manipulation results in guessable captcha. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is considered difficult. The exploit has been made public and could be used.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.7 LOW
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
VulDBCNA
3.7 LOW
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
VendorProductVersion
newbee-mall_projectnewbee-mall
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/newbee-ltd/newbee-mall/issues/101
https://github.com/newbee-ltd/newbee-mall/issues/101#issue-3380163659
https://vuldb.com/?ctiid.323857
https://vuldb.com/?id.323857
https://vuldb.com/?submit.647066