Information Kerala Mission SANCHAYA CVE-2025-25382

HIGH
External Control of Assumed-Immutable Web Parameter (CWE-472)
2025-03-10 [email protected]
Information Disclosure
7.5
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 19:50 vuln.today
CVE Published
Mar 10, 2025 - 16:15 nvd
HIGH 7.5

DescriptionNVD

An issue in the Property Tax Payment Portal in Information Kerala Mission SANCHAYA v3.0.4 allows attackers to arbitrarily modify payment amounts via a crafted request.

AnalysisAI

The Property Tax Payment Portal in Kerala's SANCHAYA system (version 3.0.4) has a flaw that lets attackers change payment amounts in fake requests, potentially paying less tax than owed. This affects anyone using this government portal to pay property taxes in Kerala, India. An attacker could exploit this to reduce their tax payments or cause financial loss to the government by manipulating transaction amounts.

Technical ContextAI

affects Property Tax Payment Portal in Information Kerala Mission SANCHAYA v3.0.4. in the Property Tax Payment Portal in Information Kerala Mission SANCHAYA v3.0.4 allows attackers to arbitrarily modify payment amounts via a crafted request.

Affected ProductsAI

Product: Property Tax Payment Portal in Information Kerala Mission SANCHAYA v3.0.4.

RemediationAI

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

Share

CVE-2025-25382 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy