CVE-2025-11151 | THREATINT

Description

Exposure of Sensitive Information to an Unauthorized Actor, Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Beyaz Bilgisayar Software Design Industry and Trade Ltd. Co. CityPLus allows Detect Unpublicized Web Pages.This issue affects CityPLus: before V24.29500.1.0.

PUBLISHED Reserved 2025-09-29 | Published 2025-10-21 | Updated 2025-10-21 | Assigner TR-CERT

HIGH: 8.2CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Problem types

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere

Product status

Default status

unaffected

Any version before V24.29500.1.0

affected

Credits

Aleyna KABAL finder

References

www.usom.gov.tr/bildirim/tr-25-0351

cve.org (CVE-2025-11151)

nvd.nist.gov (CVE-2025-11151)

Download JSON