VYPR
Medium severity4.3NVD Advisory· Published Jan 16, 2025· Updated Jun 17, 2026No known patch

CVE-2025-23955

CVE-2025-23955

Description

Missing Authorization vulnerability in xola Xola xola-bookings-for-tours-activities allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xola: from n/a through <= 1.6.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.