cvelistv5 - cve-2025-2963

CVE-2025-2963 (GCVE-0-2025-2963)

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2025-04-03T22:43:13.507Z",
        "orgId": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
        "shortName": "ConcreteCMS"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
            }
          ],
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-2963",
    "datePublished": "2025-03-30T22:00:12.181Z",
    "dateRejected": "2025-04-03T22:43:13.507Z",
    "dateReserved": "2025-03-30T07:15:43.578Z",
    "dateUpdated": "2025-04-03T22:43:13.507Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-2963\",\"sourceIdentifier\":\"ff5b8ace-8b95-4078-9743-eac1ca5451de\",\"published\":\"2025-03-30T22:15:15.597\",\"lastModified\":\"2025-04-03T23:15:38.103\",\"vulnStatus\":\"Rejected\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.\"}],\"metrics\":{},\"references\":[]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"ff5b8ace-8b95-4078-9743-eac1ca5451de\", \"shortName\": \"ConcreteCMS\", \"dateUpdated\": \"2025-04-03T22:43:13.507Z\"}, \"rejectedReasons\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.\"}], \"value\": \"This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-2963\", \"assignerOrgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"state\": \"REJECTED\", \"assignerShortName\": \"VulDB\", \"dateReserved\": \"2025-03-30T07:15:43.578Z\", \"datePublished\": \"2025-03-30T22:00:12.181Z\", \"dateUpdated\": \"2025-04-03T22:43:13.507Z\", \"dateRejected\": \"2025-04-03T22:43:13.507Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

fkie_cve-2025-2963

Vulnerability from fkie_nvd

Published

2025-03-30 22:15

Modified

2025-04-03 23:15

Severity ?

Summary

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

References

	URL	Tags

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
    }
  ],
  "id": "CVE-2025-2963",
  "lastModified": "2025-04-03T23:15:38.103",
  "metrics": {},
  "published": "2025-03-30T22:15:15.597",
  "references": [],
  "sourceIdentifier": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
  "vulnStatus": "Rejected"
}

ghsa-24x7-c4mf-44m6

Vulnerability from github

Published

2025-03-31 00:30

Modified

2025-03-31 00:30

Severity ?

3.5 (Low) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Details

A vulnerability, which was classified as problematic, has been found in ConcreteCMS up to 9.3.9. This issue affects the function addEditQuestion of the component Legacy Form Block Handler. The manipulation of the argument Question leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website