CVE-2025-3691

low-risk
Published 2025-04-16

A vulnerability was found in mirweiye Seven Bears Library CMS 2023. It has been classified as problematic. Affected is an unknown function of the component Add Link Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Do I need to act?

-
0.59% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
2
CVSS 2.7/10 Low
NETWORK / LOW complexity

Affected Products (1)

Seven Bears Library Cms

Affected Vendors

Mirweiye

References (5)

Exploit https://github.com/KKDT12138/CVE/blob/main/cve2.pdf
Permissions Required https://vuldb.com/?ctiid.304980
Third Party Advisory https://vuldb.com/?id.304980
Third Party Advisory https://vuldb.com/?submit.553507
Exploit https://github.com/KKDT12138/CVE/blob/main/cve2.pdf
21
/ 100
low-risk
Severity 14/34 · Moderate
Exploitability 2/34 · Minimal
Exposure 5/34 · Minimal