Medium severityNVD Advisory· Published Jan 30, 2025· Updated Apr 15, 2026
CVE-2025-24502
CVE-2025-24502
Description
An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.