CVE-2025-0615

Published Jan 21, 2025

Last updated 16 days ago

Overview

Description
Input validation vulnerability in Qualifio's Wheel of Fortune. This vulnerability allows an attacker to modify an email to contain the ‘+’ symbol to access the application and win prizes as many times as wanted.
Source
cve-coordination@incibe.es
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
5.3
Impact score
1.4
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Severity
MEDIUM

Weaknesses

cve-coordination@incibe.es
CWE-22

Social media

Hype score
Not currently trending