CVE-2025-25323Medium
Share link
Anyone with the link can open this vulnerability.
An issue in Qianjin Network Information Technology (Shanghai) Co., Ltd 51Job iOS 14.22.0 allows attackers to access sensitive user informat…
CVSS
5.5
Medium
EPSS
0.00
p7
Published
2025-01-01
Updated
2025-01-01
Description
An issue in Qianjin Network Information Technology (Shanghai) Co., Ltd 51Job iOS 14.22.0 allows attackers to access sensitive user information via supplying a crafted link.
Tags · CWE
CWE-84
CWE-84VariantDraft
Improper Neutralization of Encoded URI Schemes in a Web Page
The web application improperly neutralizes user-controlled input for executable script disguised with URI encodings.
https://cwe.mitre.org/data/definitions/84.html →Open in CWE collection →CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Timeline
2025-01-01
Published
2025-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: L
Local (L)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: R
Required (R)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: N
None (N)
Availability Impact
A: N
None (N)
Exploit indicators
EPSS
0.002 · p7
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
No vulnerabilities match your filters.