CVE-2025-3317

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://gitee.com/fumiao/opencms/issues/IBLJLM", "name": "https://gitee.com/fumiao/opencms/issues/IBLJLM", "tags": [], "refsource": ""}, {"url": "https://vuldb.com/?ctiid.303516", "name": "VDB-303516 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": [], "refsource": ""}, {"url": "https://vuldb.com/?id.303516", "name": "VDB-303516 | fumiao opencms dataPage.jsp path traversal", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A vulnerability classified as problematic has been found in fumiao opencms up to a0fafa5cff58719e9b27c2a2eec204cc165ce14f. Affected is an unknown function of the file opencms-dev/src/main/webapp/view/admin/document/dataPage.jsp. The manipulation of the argument path leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-22"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-3317", "ASSIGNER": "cna@vuldb.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}}, "publishedDate": "2025-04-06T12:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-04-06T12:15Z"}