How severe is CVE-2025-2321?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2025-2321?

This is classified as CWE-840, which is a common weakness in software security.

CVE-2025-2321 - MEDIUM Severity | CVSS 6.3

Vulnerability Description

A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this issue is some unknown functionality of the file /api/mjkj-chat/cgform-api/addData/. The manipulation of the argument chatUserID leads to business logic errors. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2024-6577

MEDIUM

CVSS:6.3(Medium)

In the latest version of pytorch/serve, the script 'upload_results_to_s3.sh' references the S3 bucket 'benchmarkai-metrics-prod' without ensuring its ownership or confirming its accessibility. This co...

CWE-8402024

CVE-2021-22922

MEDIUM

CVSS:6.5(Medium)

When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to g...

CWE-8402021

CVE-2021-36012

MEDIUM

CVSS:6.5(Medium)

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a business logic error in the placeOrder graphql mutation. An authenticated attacker can l...

CWE-8402021