Description

Console is a network used to control Gorilla Tag mods' users and other users on the network. Prior to version 2.8.0, a path traversal vulnerability exists where complicated combinations of backslashes and periods can be used to escape the Gorilla Tag path and write to unwanted directories. This issue has been patched in version 2.8.0.

INFO

Published Date :

2025-11-25T22:54:24.363Z

Last Modified :

2025-11-26T16:09:37.490Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-65952 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-65952.

URL Resource
https://github.com/iiDk-the-actual/Console/commit/4bcb1cf23ef78f8e6899dd6fe3afa3b24902e458 cve-icon cve-icon
https://github.com/iiDk-the-actual/Console/commit/e1005b8754594ad463ae58f8a99decda548b1826 cve-icon cve-icon
https://github.com/iiDk-the-actual/Console/security/advisories/GHSA-c3f7-xh45-2xc7 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability