CVE-2025-54433 | Bugsink up to 1.4.2/1.5.4/1.6.3/1.7.3 event_id path traversal (GHSA-q78p-g86f-jg6q)

Inserito da Angelo Barbosa | Lug 30, 2025 | CVE

A vulnerability was found in Bugsink up to 1.4.2/1.5.4/1.6.3/1.7.3 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument event_id leads to path traversal.

This vulnerability is handled as CVE-2025-54433. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-54433 | Bugsink up to 1.4.2/1.5.4/1.6.3/1.7.3 event_id path traversal (GHSA-q78p-g86f-jg6q)

Post correlati

CVE-2023-52842 | Linux Kernel up to 6.6.1 virtio_transport_recv_pkt initialization (cd12535b97dd/0b8906fb48b9/34c4effacfc3)

CVE-2024-4670 | All-in-One Video Gallery Plugin up to 3.6.5 on WordPress Shortcode aiovg_search_form file inclusion

CVE-2024-34529 | Nebari up to 2024.4.1 Keycloak Password information disclosure (Issue 2282)

CVE-2025-7060 | Monitorr up to 1.7.6m Installer mkdbajax.php datadir input validation