HTTP Response Manipulation in SCRIPT CASE v.1.0.002 Build7 allows a remote attacker to escalate privileges via a crafted request.
https://www.besafebrasil.com.br/script-case-cve-2025-xx-xxxx/
https://github.com/simalamuel/Research/tree/main/CVE-2025-25535