{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-55736","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","state":"PUBLISHED","assignerShortName":"GitHub_M","dateReserved":"2025-08-14T22:31:17.683Z","datePublished":"2025-08-19T19:04:00.564Z","dateUpdated":"2025-08-19T19:29:09.500Z"},"containers":{"cna":{"title":"flaskBlog allows arbitrary privilege escalation","problemTypes":[{"descriptions":[{"cweId":"CWE-425","lang":"en","description":"CWE-425: Direct Request ('Forced Browsing')","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-807","lang":"en","description":"CWE-807: Reliance on Untrusted Inputs in a Security Decision","type":"CWE"}]}],"metrics":[{"cvssV4_0":{"attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","baseScore":9.3,"baseSeverity":"CRITICAL","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N","version":"4.0"}}],"references":[{"name":"https://github.com/DogukanUrker/FlaskBlog/security/advisories/GHSA-6q83-vfmq-wf72","tags":["x_refsource_CONFIRM"],"url":"https://github.com/DogukanUrker/FlaskBlog/security/advisories/GHSA-6q83-vfmq-wf72"}],"affected":[{"vendor":"DogukanUrker","product":"FlaskBlog","versions":[{"version":"<= 2.8.0","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2025-08-19T19:04:00.564Z"},"descriptions":[{"lang":"en","value":"flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, any user can change their own role to \"admin\", gaining the associated privileges (e.g. deleting users, posts, comments, etc.).\nThe problem is in the routes/adminPanelUsers file."}],"source":{"advisory":"GHSA-6q83-vfmq-wf72","discovery":"UNKNOWN"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-08-19T19:28:47.372231Z","id":"CVE-2025-55736","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-08-19T19:29:09.500Z"}}]}}