CVE-2025-65278
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-26
Last updated on: 2025-12-30
Assigner: MITRE
Description
Description
An issue was discovered in file users.json in GroceryMart commit 21934e6 (2020-10-23) allowing unauthenticated attackers to gain sensitive information including plaintext usernames and passwords.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| komal97 | grocerymart | 2020-10-23 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-312 | The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere. |
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a security issue in the file users.json of GroceryMart, where unauthenticated attackers can access sensitive information such as plaintext usernames and passwords.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized access to sensitive user credentials, potentially allowing attackers to compromise user accounts and gain further unauthorized access to the system or user data.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70