Moderate severityOSV Advisory· Published Dec 1, 2025· Updated Dec 1, 2025
CVE-2025-63523
CVE-2025-63523
Description
FeehiCMS version 2.1.1 fails to enforce server-side immutability for parameters that are presented to clients as "read-only." An authenticated attacker can intercept and modify the parameter in transit and the backend accepts the changes. This can lead to unintended username changes.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ghsa-coords
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.