Vulnerability in Givanz Vvveb
CVE-2025-8517
A vulnerability was detected in givanz Vvveb 1.0.6.1. Impacted is an unknown function. The manipulation results in session fixiation. The attack can be launched remotely. The exploit is now public and may be used. Upgrading to version 1.0…
EPSS: 0.006 (70.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L.
Affected products
- Givanz Vvveb — versions 1.0.6.1, 1.0.7
- Vvveb
Weakness classification (CWE)
Public proof-of-concept exploits
References
- VDB-318643 | givanz Vvveb session fixiation (technical-description, Third Party Advisory, VDB Entry, vdb-entry)
- VDB-318643 | CTI Indicators (IOB, IOC) (signature, Permissions Required, permissions-required, VDB Entry)
- Submit #623135 | Vvveb Vvveb CMS 1.0.6.1 Session Fixiation (Third Party Advisory, VDB Entry, third-party-advisory)
- cna@vuldb.com (issue-tracking, Exploit, Mitigation, Issue Tracking)
- cna@vuldb.com (issue-tracking, Issue Tracking)
- cna@vuldb.com (Exploit, exploit, Mitigation)
- cna@vuldb.com (Patch, patch)
- cna@vuldb.com (Release Notes, patch)
- 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Exploit, Mitigation)
Frequently asked questions
- What is CVE-2025-8517?
- CVE-2025-8517 is a medium-severity vulnerability in Givanz Vvveb, classified under Session Fixation. CVSS score: 6.3/10. Published 2025-08-04.
- How severe is CVE-2025-8517?
- Medium severity. CVSS v3 base score is 6.3 out of 10.
- Is CVE-2025-8517 known to be exploited?
- 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.