CVE-2025-8887 | THREATINT

Description

Authorization Bypass Through User-Controlled Key, Missing Authorization, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Usta Information Systems Inc. Aybs Interaktif allows Forceful Browsing, Parameter Injection, Input Data Manipulation.This issue affects Aybs Interaktif: from 2024 through 28082025.

PUBLISHED Reserved 2025-08-12 | Published 2025-10-10 | Updated 2025-10-10 | Assigner TR-CERT

MEDIUM: 6.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Problem types

CWE-639 Authorization Bypass Through User-Controlled Key

CWE-862 Missing Authorization

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Product status

Default status

unaffected

2024

affected

Credits

Can Nesimi ARI finder

References

www.usom.gov.tr/bildirim/tr-25-0329

cve.org (CVE-2025-8887)

nvd.nist.gov (CVE-2025-8887)

Download JSON