CNNVD-202512-5103 Information

CNNVD ID

CNNVD-202512-5103

Related CVE

CVE-2025-65925

• CNNVD Published: 2025-12-30

Description (Chinese)

Zeroheight是英国Zeroheight公司的一个设计系统管理平台。 Zeroheight 2025-06-13之前版本存在安全漏洞，该漏洞源于遗留用户创建API允许绕过电子邮件验证步骤创建账户，可能导致垃圾邮件或虚假账户创建。

Description (English)

Zeroheight is a design system management platform for Zeroheight, a British company. The security loophole in the pre-Zeroheight 2025-06-13 version stems from the legacy user ’ s creation of an API allowing the creation of an account by way of an e-mail authentication step, which may lead to the creation of spam or a false account.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Zeroheight

Published

2025-12-30

Last Modified

2026-02-24

References

https://github.com/Sneden/zeroheight-account-verification-bypass-CVE-2025-65925 https://access.redhat.com/security/cve/cve-2025-65925

Patch

https://zeroheight.com/