CVE-2025-8838 | WinterChenS my-site up to 1f7525f15934d9d6a278de967f6ec9f1757738d8 Backend Interface /admin/ preHandle uri improper authentication (Issue 97)

A vulnerability was found in WinterChenS my-site up to 1f7525f15934d9d6a278de967f6ec9f1757738d8. It has been declared as critical. This vulnerability affects the function preHandle of the file /admin/ of the component Backend Interface. The manipulation of the argument uri leads to improper authentication.

This vulnerability was named CVE-2025-8838. The attack can be initiated remotely. Furthermore, there is an exploit available.

The real existence of this vulnerability is still doubted at the moment.

This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

The code maintainer responded to the issue that “[he] tried it, and using this link automatically redirects to the login page.”VulDB Recent EntriesRead More