CVE-2025-3850 – YXJ2018 SpringBoot-Vue-OnlineExam Remote Authentication Bypass Vulnerability

April 21, 2025

CVE ID : CVE-2025-3850

Published : April 22, 2025, 1:15 a.m. | 1 hour, 21 minutes ago

Description : A vulnerability, which was classified as problematic, has been found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This issue affects some unknown processing of the component API. The manipulation leads to improper authentication. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.

Severity: 3.7 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3854 – H3C GR-3000AX HTTP POST Request Handler Buffer Overflow Vulnerability

Next Article CVE-2025-3855 – CodeCanyon RISE Ultimate Project Manager File Inclusion Vulnerability

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

AI is currently in its teenage years, battling raging hormones

4 ways your organization can adapt and thrive in the age of AI

Google’s new Search tool turns financial info into interactive charts – how to try it

This rugged Android phone has something I’ve never seen on competing models

Anthropic’s new AI models for classified info are already in use by US gov

Handling PostgreSQL Migrations in Node.js

Handling PostgreSQL Migrations in Node.js

How to Add Product Badges in Optimizely Configured Commerce Spire

Salesforce Health Check Assessment Unlocks ROI

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Spf Permerror Troubleshooting Guide For Better Email Deliverability Today

Amap – Gather Info in Easy Way

CVE-2025-3850 – YXJ2018 SpringBoot-Vue-OnlineExam Remote Authentication Bypass Vulnerability

Leadership, Trust, and Cyber Hygiene: NCSC’s Guide to Security Culture in Action

Apple’s App Store shaken: Court ends ‘Apple tax’ on external purchases

AlphaQubit tackles one of quantum computing’s biggest challenges

ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files

Compare Collection Keys with Laravel’s diffKeys Method

CVE-2025-41407 – Zohocorp ManageEngine ADAudit Plus SQL Injection Vulnerability

CVE-2025-46520 – Alphasis Related Posts CSRF Stored XSS

CVE-2024-36486 – Parallels Desktop for Mac Privilege Escalation Vulnerability

North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures

CVE-2025-48741 – StrangeBee TheHive Broken Access Control Vulnerability