CVE-2025-13251

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-13251
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13251.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-13251
Published
2025-11-16T13:15:43.280Z
Modified
2026-03-12T17:37:28.767855Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A flaw has been found in WeiYe-Jing datax-web up to 2.1.2. Affected is an unknown function. Executing manipulation can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.

References

Affected packages

Git / github.com/weiye-jing/datax-web

Affected ranges

Type
GIT
Repo
https://github.com/weiye-jing/datax-web
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
61024e1aecf60527a74acb64697546d4b86cf738
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.1.2"
        }
    ]
}

Affected versions

1.*
1.0.0
v-2.*
v-2.1.1
v-2.1.2
v2.*
v2.0.0
v2.0.1
v2.1.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13251.json"