CVE-2025-48986

{"id": "CVE-2025-48986", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "support@hackerone.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2025-11-20T20:16:22.407", "references": [{"url": "https://hackerone.com/reports/3398283", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://hackerone.com/reports/3398283", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an logged in attacker to change other users' email address and potentialy take over their accounts using the forgot password functionality."}], "lastModified": "2025-11-25T18:57:29.873", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47AC2D81-BA0C-404A-B6F6-31151956D422", "versionEndIncluding": "5.5.2"}, {"criteria": "cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42E4B7BD-5F7B-4FBE-93D2-C19F30FA5A51", "versionEndIncluding": "6.0.1", "versionStartIncluding": "6.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "support@hackerone.com"}