Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
No data.
| Vendor | Product | Confidence | Versions |
|---|---|---|---|
| Feehi | Feehi Cms | — | — |
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 Github GHSA |
GHSA-qgc9-p7cj-jvh6 | FeehiCMS fails to enforce server-side immutability |
Tue, 02 Dec 2025 03:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Feehi feehicms
|
|
| CPEs | cpe:2.3:a:feehi:feehicms:2.1.1:*:*:*:*:*:*:* | |
| Vendors & Products |
Feehi feehicms
|
Mon, 01 Dec 2025 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Feehi
Feehi feehi Cms |
|
| Vendors & Products |
Feehi
Feehi feehi Cms |
Mon, 01 Dec 2025 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-125 | |
| Metrics |
cvssV3_1
|
Mon, 01 Dec 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | FeehiCMS version 2.1.1 fails to enforce server-side immutability for parameters that are presented to clients as "read-only." An authenticated attacker can intercept and modify the parameter in transit and the backend accepts the changes. This can lead to unintended username changes. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-12-01T20:13:19.913Z
Reserved: 2025-10-27T00:00:00.000Z
Link: CVE-2025-63523
Vulnrichment
Updated: 2025-12-01T20:13:13.789Z
NVD
Status : Analyzed
Published: 2025-12-01T15:15:50.973
Modified: 2025-12-02T03:06:26.707
Link: CVE-2025-63523
Redhat
No data.
OpenCVE Enrichment
Updated: 2025-12-01T21:27:28Z