CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-63293

FairSketch Rise Ultimate Project Manager & CRM 3.9.4 is vulnerable to Insecure Permissions. A remote authenticated user can append comments or upload attachments to tickets for which they lack view or edit authorization, due to missing authorization checks in the ticketing/commenting API.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.8%

CVSS Severity

CVSS v3 Score 6.5

References

http://fairsketch.com
https://medium.com/@barrattjack89/cve-2025-63293-insecure-permissions-in-rise-crm-3-9-4-452c88c24195

Products affected by CVE-2025-63293

Fairsketch » Rise Ultimate Project Manager » Version: 3.9.4

cpe:2.3:a:fairsketch:rise_ultimate_project_manager:3.9.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-63293

Products

Pricing

Contact Us