Skip to main content

CVE-2025-14750

External Control of Assumed-Immutable Web Parameter (CWE-472)
2026-01-22 ics-cert@hq.dhs.gov

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Jan 22, 2026 - 22:16 nvd
N/A

DescriptionCVE.org

The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. A low-privileged user can modify the parameters and potentially manipulate account-level privileges.

Analysis

The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. A low-privileged user can modify the parameters and potentially manipulate account-level privileges.

Technical ContextAI

The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. A low-privileged user can modify the parameters and potentially manipulate account-level privileges.

Affected ProductsAI

The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. A low-privileged us

RemediationAI

Monitor vendor advisories for a patch.

Share

CVE-2025-14750 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy