CVE-2025-3966

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/uglory-gll/javasec/blob/main/paicoding.md", "name": "https://github.com/uglory-gll/javasec/blob/main/paicoding.md", "tags": ["Exploit", "Third Party Advisory"], "refsource": ""}, {"url": "https://github.com/uglory-gll/javasec/blob/main/paicoding.md", "name": "https://github.com/uglory-gll/javasec/blob/main/paicoding.md", "tags": ["Exploit", "Third Party Advisory"], "refsource": ""}, {"url": "https://github.com/uglory-gll/javasec/blob/main/paicoding.md#21userhomeuserid1homeselecttyperead-view-browsing-history-of-others", "name": "https://github.com/uglory-gll/javasec/blob/main/paicoding.md#21userhomeuserid1homeselecttyperead-view-browsing-history-of-others", "tags": ["Exploit", "Third Party Advisory"], "refsource": ""}, {"url": "https://github.com/uglory-gll/javasec/blob/main/paicoding.md#21userhomeuserid1homeselecttyperead-view-browsing-history-of-others", "name": "https://github.com/uglory-gll/javasec/blob/main/paicoding.md#21userhomeuserid1homeselecttyperead-view-browsing-history-of-others", "tags": ["Exploit", "Third Party Advisory"], "refsource": ""}, {"url": "https://vuldb.com/?ctiid.306302", "name": "VDB-306302 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["Permissions Required", "VDB Entry"], "refsource": ""}, {"url": "https://vuldb.com/?id.306302", "name": "VDB-306302 | itwanger paicoding Browsing History home information disclosure", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "https://vuldb.com/?submit.557250", "name": "Submit #557250 | itwanger paicoding 1.0.3 Logical loopholes 1", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A vulnerability was found in itwanger paicoding 1.0.3 and classified as problematic. Affected by this issue is some unknown functionality of the file /user/home?userId=1&homeSelectType=read of the component Browsing History Handler. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-3966", "ASSIGNER": "cna@vuldb.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}}, "publishedDate": "2025-04-27T10:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:itwanger:paicoding:1.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-05-12T19:08Z"}