CVE-2025-3850 – YXJ2018 SpringBoot-Vue-OnlineExam Remote Authentication Bypass Vulnerability

April 21, 2025

CVE ID : CVE-2025-3850

Published : April 22, 2025, 1:15 a.m. | 1 hour, 21 minutes ago

Description : A vulnerability, which was classified as problematic, has been found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This issue affects some unknown processing of the component API. The manipulation leads to improper authentication. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.

Severity: 3.7 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3854 – H3C GR-3000AX HTTP POST Request Handler Buffer Overflow Vulnerability

Next Article CVE-2025-3855 – CodeCanyon RISE Ultimate Project Manager File Inclusion Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Tired of unsolicited nude pics? Google’s new safety feature can help – how it works

Improve or leave: Microsoft makes it easier to fire underperformers

Call of Duty: Black Ops 6 has a serious weed problem — but Activision’s double standards are more irritating

“If we had a choice in this, we would not pursue any legal actions against Schedule I” — Drug Dealer Simulator developers speak out on controversy involving their publisher

keepsuit/laravel-opentelemetry

keepsuit/laravel-opentelemetry

Community News: Latest PECL Releases (04.22.2025)

when to use map() vs. forEach()

Improve or leave: Microsoft makes it easier to fire underperformers

Improve or leave: Microsoft makes it easier to fire underperformers

Call of Duty: Black Ops 6 has a serious weed problem — but Activision’s double standards are more irritating

“If we had a choice in this, we would not pursue any legal actions against Schedule I” — Drug Dealer Simulator developers speak out on controversy involving their publisher

CVE-2025-3850 – YXJ2018 SpringBoot-Vue-OnlineExam Remote Authentication Bypass Vulnerability

April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Kubernetes IngressNightmare Vulnerabilities: What You Need to Know

Rilasciato ONLYOFFICE 8.3: Novità e Miglioramenti per la Suite Office Open-Source

Rilasciata Manjaro 25 “Zetar” con GNOME 48, KDE Plasma 6.3 e il kernel Linux 6.12

Sensor-Invariant Tactile Representation for Zero-Shot Transfer Across Vision-Based Tactile Sensors

MongoDB Empowers ISVs to Drive SaaS Innovation in India

MixedBread AI Introduces Binary MRL: A Novel Embeddings Compression Method, Making Vector Search Scalable and Enable Embeddings-based Applications

Cencora Data Breach Far More Widespread than Earlier Thought

China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families

Wine 10.0 Release Brings New Drivers, Features & Changes

CVE-2025-3850 – YXJ2018 SpringBoot-Vue-OnlineExam Remote Authentication Bypass Vulnerability

Related Posts