CVE-2025-8350 · CVEKit

cve.orgen

359 chars

Execution After Redirect (EAR), Missing Authentication for Critical Function vulnerability in Inrove Software and Internet Services BiEticaret CMS allows Authentication Bypass, HTTP Response Splitting. This issue affects BiEticaret CMS: from 2.1.13 through 19022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

NVDen

359 chars

Execution After Redirect (EAR), Missing Authentication for Critical Function vulnerability in Inrove Software and Internet Services BiEticaret CMS allows Authentication Bypass, HTTP Response Splitting. This issue affects BiEticaret CMS: from 2.1.13 through 19022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

NVDes

399 chars

Ejecución Después de Redirección (EAR), vulnerabilidad de Autenticación Faltante para Función Crítica en Inrove Software e Internet Services BiEticaret CMS permite la Omisión de Autenticación, la División de Respuesta HTTP. Este problema afecta a BiEticaret CMS: desde 2.1.13 hasta 19022026. NOTA: Se contactó al proveedor con antelación sobre esta divulgación, pero no respondió de ninguna manera.

CVSS metrics across sources

2

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H