CVE-2025-53639 | MeterSphere up to 3.6.4-lts API Endpoint sortField sql injection (GHSA-vcm3-5w3f-9f45)

A vulnerability classified as critical was found in MeterSphere up to 3.6.4-lts. Affected by this vulnerability is an unknown functionality of the component API Endpoint. The manipulation of the argument sortField leads to sql injection.

This vulnerability is known as CVE-2025-53639. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More