Missing Authorization Vulnerability in Yandex Metrika by Yandex
CVE-2025-63063
6.5MEDIUM
What is CVE-2025-63063?
A missing authorization vulnerability exists in Yandex Metrika, affecting version 1.2.2 and earlier. This flaw arises from incorrectly configured access control security levels, which could allow unauthorized users to exploit the system. It is crucial for users to ensure proper access permissions are enforced to mitigate potential risks associated with this vulnerability.
Affected Version(s)
Yandex.Metrica <= n/a