Missing Authorization Vulnerability in Event Rocket from Barry
CVE-2025-53452
4.3MEDIUM
What is CVE-2025-53452?
The missing authorization vulnerability in Barry's Event Rocket plugin permits attackers to exploit insecurely configured access control security levels. This flaw enables unauthorized access to sensitive areas of the application, leading to potential data leaks and misuse. Affected versions range from unspecified up to 3.3, necessitating careful scrutiny and immediate action from users to secure their installations.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Event Rocket <= 3.3
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Muhammad Yudha - DJ (Patchstack Alliance)