Vulnerability Database

315,294

Total vulnerabilities in the database

CVE-2025-65952

Console is a network used to control Gorilla Tag mods' users and other users on the network. Prior to version 2.8.0, a path traversal vulnerability exists where complicated combinations of backslashes and periods can be used to escape the Gorilla Tag path and write to unwanted directories. This issue has been patched in version 2.8.0.

Published: Nov 25, 2025
Updated: Nov 27, 2025
CVE: CVE-2025-65952
Exploit:

No technical information available.

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

No affected software listed.

https://github.com/iiDk-the-actual/Console/commit/4bcb1cf23ef78f8e6899dd6fe3afa3b24902e458
https://github.com/iiDk-the-actual/Console/commit/e1005b8754594ad463ae58f8a99decda548b1826
https://github.com/iiDk-the-actual/Console/security/advisories/GHSA-c3f7-xh45-2xc7

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo