CVE-2025-12283

CWE-285 CWE-639 — Insecure Direct Object Reference3 documents3 sources

Severity

5.3MEDIUM

EPSS

0.0%

top 98.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Code-projects Client Details System Fabian Client Details System

Timeline

PublishedOct 27

Description

A security flaw has been discovered in code-projects Client Details System 1.0. The impacted element is an unknown function. The manipulation results in authorization bypass. The attack can be launched remotely. The exploit has been released to the public and may be exploited.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5code-projects/client_details_system1.0

▶NVDfabian/client_details_system1.0

🔴Vulnerability Details

GHSA

GHSA-x2w5-644h-c9p2: A security flaw has been discovered in code-projects Client Details System 1↗2025-10-27

▶

CVEList

code-projects Client Details System authorization↗2025-10-27

▶