CVE-2025-11025

medium

Description

Insertion of Sensitive Information Into Sent Data vulnerability in Vimesoft Information Technologies and Software Inc. Vimesoft Corporate Messaging Platform allows Retrieve Embedded Sensitive Data. This issue affects Vimesoft Corporate Messaging Platform: from V1.3.0 before V2.0.0.

References

https://www.usom.gov.tr/bildirim/tr-25-0300

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0300

Details

Source: Mitre, NVD

Published: 2025-09-26

Updated: 2026-06-04

Risk Information

CVSS v2

Base Score: 5.4

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00031