General-Purpose System Vulnerabilities
Vulnerabilities related to traditional IT systems, servers, and desktop applications.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-13873 | Stored Cross-Site Scripting (XSS) in the survey-import feature of ObjectPlanet Opinio 7.26 rev12562 on web application … | Medium (5.4) | 2025-12-02 | General-Purpose |
| CVE-2025-13872 | Blind Server-Side Request Forgery (SSRF) in the survey-import feature of ObjectPlanet Opinio 7.26 rev12562 on Web-… | Critical (9.1) | 2025-12-02 | General-Purpose |
| CVE-2025-13871 | Cross-Site Request Forgery (CSRF) in the resource-management feature of ObjectPlanet Opinio 7.26 rev12562 allows to… | High (8.8) | 2025-12-02 | General-Purpose |
| CVE-2025-13870 | Mattermost versions 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to validate the user permission when accessing the files… | Low (3.1) | 2025-12-02 | General-Purpose |
| CVE-2025-13724 | The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via th… | High (7.5) | 2025-12-02 | General-Purpose |