Vulnerability Details CVE-2025-54320
In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the invite user function, leading to an email bombing vulnerability. An authenticated attacker can exploit this by automating invite requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.0%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2025-54320
-
cpe:2.3:a:ascertia:signinghub:8.6.0
-
cpe:2.3:a:ascertia:signinghub:8.6.1
-
cpe:2.3:a:ascertia:signinghub:8.6.2
-
cpe:2.3:a:ascertia:signinghub:8.6.3
-
cpe:2.3:a:ascertia:signinghub:8.6.4
-
cpe:2.3:a:ascertia:signinghub:8.6.5
-
cpe:2.3:a:ascertia:signinghub:8.6.6
-
cpe:2.3:a:ascertia:signinghub:8.6.7