Vulnerability Details CVE-2025-59711
An issue was discovered in Biztalk360 before 11.5. Because of mishandling of user-provided input in an upload mechanism, an authenticated attacker is able to write files outside of the destination directory and/or coerce an authentication from the service, aka Directory Traversal.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.7%
CVSS Severity
CVSS v3 Score 8.3
References
Products affected by CVE-2025-59711
-
cpe:2.3:a:kovai:biztalk360:10.0
-
cpe:2.3:a:kovai:biztalk360:10.1
-
cpe:2.3:a:kovai:biztalk360:10.2
-
cpe:2.3:a:kovai:biztalk360:10.3
-
cpe:2.3:a:kovai:biztalk360:10.4
-
cpe:2.3:a:kovai:biztalk360:10.5
-
cpe:2.3:a:kovai:biztalk360:10.6
-
cpe:2.3:a:kovai:biztalk360:10.7
-
cpe:2.3:a:kovai:biztalk360:10.8
-
cpe:2.3:a:kovai:biztalk360:10.9
-
cpe:2.3:a:kovai:biztalk360:11.0
-
cpe:2.3:a:kovai:biztalk360:11.1
-
cpe:2.3:a:kovai:biztalk360:11.2
-
cpe:2.3:a:kovai:biztalk360:11.3
-
cpe:2.3:a:kovai:biztalk360:11.4
-
cpe:2.3:a:kovai:biztalk360:11.5
-
cpe:2.3:a:kovai:biztalk360:11.6
-
cpe:2.3:a:kovai:biztalk360:9.0
-
cpe:2.3:a:kovai:biztalk360:9.1