CVE-2025-23202

Published Jan 17, 2025

Last updated a month ago

CVSS critical 10.0

Overview

Description
Bible Module is a tool designed for ROBLOX developers to integrate Bible functionality into their games. The `FetchVerse` and `FetchPassage` functions in the Bible Module are susceptible to injection attacks due to the absence of input validation. This vulnerability could allow an attacker to manipulate the API request URLs, potentially leading to unauthorized access or data tampering. This issue has been addressed in version 0.0.3. All users are advised to upgrade. There are no known workarounds for this vulnerability.
Source
security-advisories@github.com
NVD status
Received

Risk scores

CVSS 4.0

Type
Secondary
Base score
10
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
CRITICAL

Weaknesses

security-advisories@github.com
CWE-20

Social media

Hype score
Not currently trending

  1. [CVE-2025-23202: CRITICAL] URGENT: Attention all ROBLOX developers! Bible Module `FetchVerse` & `FetchPassage` functions vulnerable to injection attacks. Update to version 0.0.3 to fix. #CyberSecurity#cybersecurity,#vulnerability https://t.co/SsNNEgQzuj https://t.co/8AHJUoe8B

    @CveFindCom

    17 Jan 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References