VYPR
Medium severity5.3NVD Advisory· Published Jun 3, 2025· Updated Jun 17, 2026

CVE-2025-41428

CVE-2025-41428

Description

Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in TimeWorks 10.0 to 10.3. If exploited, arbitrary JSON files on the server may be viewed by a remote unauthenticated attacker.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.