CVE-2025-13246 | shsuishang ShopSuite ModulithShop up to 45a99398cec3b7ad7ff9383694f0b53339f2d35a JwtAuthenticationFilter.java JwtAuthenticationFilter path traversal

A vulnerability identified as critical has been detected in shsuishang ShopSuite ModulithShop up to 45a99398cec3b7ad7ff9383694f0b53339f2d35a. Impacted is the function JwtAuthenticationFilter of the file src/main/java/com/suisung/shopsuite/common/security/JwtAuthenticationFilter.java. The manipulation leads to path traversal.

This vulnerability is traded as CVE-2025-13246. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

CVE-2025-13246 | shsuishang ShopSuite ModulithShop up to 45a99398cec3b7ad7ff9383694f0b53339f2d35a JwtAuthenticationFilter.java JwtAuthenticationFilter path traversal

Post correlati

CVE-2024-2162 | Kiloview NDI os command injection

CVE-2024-2759 | Alsendo Apaczka Plugin up to 4 on PrestaShop Template access control

CVE-2024-8786 | Auto Featured Image from Title Plugin up to 2.3 on WordPress cross site scripting

CVE-2024-30799 | PX4 Autopilot up to 1.14 Breach Return Point Privilege Escalation (Issue 22428)