We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by sending a crafted request to /mbilling/index.php/user/save to set their account status fom "pending" to "active" without requiring administrator approval.
Reserved 2025-06-16 | Published 2025-07-31 | Updated 2025-07-31 | Assigner mitregithub.com/...ommit/f886330e9e9216a3830775610a4a83f970c08e8d
github.com/Madhav-Bhardwaj/CVE-2025-52289
Support options