CVE-2025-25116

CVSS 3.1 Score 7.6 of 10 (high)

Details

Published Feb 7, 2025

CWE ID 89

Summary

CVE-2025-25116 is a newly disclosed SQL injection vulnerability affecting the Link to URL / Post software version 1.3 and below. Hackers can exploit this weakness by injecting malicious SQL commands, which could result in unauthorized data access or modification. This type of attack is known as blind SQL injection, meaning the attacker does not directly see the response from the database, but rather infers it based on the application's behavior. This vulnerability poses a significant risk, as it enables unauthorized users to gain sensitive information or manipulate data within the affected system. It is highly recommended that users of Link to URL / Post upgrade to the latest version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database