Local File Inclusion Vulnerability in Organization Portal System by WellChoose
CVE-2025-8913

9.3CRITICAL

Key Information:

Vendor: Wellchoose
Status: Organization Portal System
Vendor: CVE Published:; 13 August 2025

What is CVE-2025-8913?

The Organization Portal System developed by WellChoose is susceptible to a Local File Inclusion vulnerability that may allow unauthenticated remote attackers to exploit the system. This security flaw can lead to unauthorized access and the potential execution of arbitrary code on the server, posing significant risks to the integrity of the system and sensitive data.

Affected Version(s)

Organization Portal System 0

References

https://www.twcert.org.tw/tw/cp-132-10321-3cae5-1.html

third-party-advisory

https://www.twcert.org.tw/en/cp-139-10325-70192-2.html

third-party-advisory

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 13, 2025
Vulnerability Reserved
Aug 13, 2025

Wellchoose

What is CVE-2025-8913?

Affected Version(s)

References

CVSS V4

Timeline