CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-61987

GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. do not validate origins in WebSockets. If a user accesses a crafted page, Chat information sent to the user may be exposed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.1%

CVSS Severity

CVSS v3 Score 5.3

References

https://groupsession.jp/info/info-news/security20251208
https://jvn.jp/en/jp/JVN19940619/

Products affected by CVE-2025-61987

Groupsession » Groupsession » Version: Any

cpe:2.3:a:groupsession:groupsession:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-61987

Products

Pricing

Contact Us