CNNVD-202510-3542 Information

Oct 27, 2025 cve

CNNVD ID

CNNVD-202510-3542

CVE-2023-37749

CNNVD Published: 2025-10-27

Description (Chinese)

HubSpot是美国的一个客户关系管理平台。 HubSpot v1.29441版本存在安全漏洞，该漏洞源于REST API端点访问控制不当，可能导致未经授权的用户数据查看。

Description (English)

HubSpot is a customer relationship management platform in the United States. There is a security loophole in the HubSpot v1.29441 version, which stems from inadequate access controls at the RET API endpoint, which may lead to unauthorized user data access.

Hazard Level

High

Vulnerability Type

其他

Published

2025-10-27

Last Modified

2026-02-24

References

https://app.hubspot.com/api/external-options/v2/pagedFetch/0-1/OWNER?useIndexOffset=true&portalId=22152277&clienttimeout=14000&hs_static_app=settings-ui-users&hs_static_app_version=1.43001&limit=200&q=&offset=0&includeDeleted=true https://gist.github.com/0xDBJ/28072f7eea42571d5b4ebaabdcb21cce https://owasp.org/Top10/A01_2021-Broken_Access_Control/ https://access.redhat.com/security/cve/cve-2023-37749

Share on: