{"uuid": "773e7ef6-e4d3-46b0-a362-07b2552209a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1968", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11060", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1968\n\ud83d\udd25 CVSS Score: 7.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L)\n\ud83d\udd39 Description: Insufficient Session Expiration vulnerability in Progress Software Corporation Sitefinity under some specific and uncommon circumstances allows reusing Session IDs (Session Replay Attacks).This issue affects Sitefinity: from 14.0 through 14.3, from 14.4 before 14.4.8145, from 15.0 before 15.0.8231, from 15.1 before 15.1.8332, from 15.2 before 15.2.8429.\n\ud83d\udccf Published: 2025-04-09T13:33:31.450Z\n\ud83d\udccf Modified: 2025-04-09T13:33:31.450Z\n\ud83d\udd17 References:\n1. https://community.progress.com/s/article/Sitefinity-Security-Advisory-for-Addressing-Security-Vulnerability-CVE-2025-1968-April-2025", "creation_timestamp": "2025-04-09T13:47:40.000000Z"}