CNNVD-202511-051 Information
CNNVD ID
CNNVD-202511-051
Related CVE
- CNNVD Published: 2025-11-03
Description (Chinese)
FairSketch Rise Ultimate Project Manager and CRM是FairSketch公司的一款团队管理与客户关系管理系统。 FairSketch Rise Ultimate Project Manager and CRM 3.9.4版本存在安全漏洞,该漏洞源于票据评论API缺少授权检查,可能导致远程认证用户越权评论或上传附件。
Description (English)
FairSketch Reese Ultimate Project Manager and CRM is a team management and customer management system of FairSketch. FairSketch Rise Ultimate Project Manager and CRM version 3.9.4 contains a security loophole, which arises from the lack of authorization of the instrument comment API, which may result in remote authentication of users overstepping their authority to comment or upload attachments.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
FairSketch
Published
2025-11-03
Last Modified
2026-02-24
References
https://medium.com/@barrattjack89/cve-2025-63293-insecure-permissions-in-rise-crm-3-9-4-452c88c24195 http://fairsketch.com https://access.redhat.com/security/cve/cve-2025-63293
Share on: