CVE-2025-59709
- EPSS 0.23%
- Veröffentlicht 03.04.2026 00:00:00
- Zuletzt bearbeitet 09.04.2026 21:16:07
An issue was discovered in Biztalk360 through 11.5. because of mishandling of user-provided input in a path to be read by the server, a Super User attacker is able to read files on the system and/or coerce an authentication from the service, aka Dire...
CVE-2025-59710
- EPSS 0.16%
- Veröffentlicht 03.04.2026 00:00:00
- Zuletzt bearbeitet 09.04.2026 21:16:07
An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the loading a DLL file. During the loading, a method is called. An attacker can craft a malicious DLL, upload it to the server, and us...
CVE-2025-59711
- EPSS 0.65%
- Veröffentlicht 03.04.2026 00:00:00
- Zuletzt bearbeitet 09.04.2026 00:30:06
An issue was discovered in Biztalk360 before 11.5. Because of mishandling of user-provided input in an upload mechanism, an authenticated attacker is able to write files outside of the destination directory and/or coerce an authentication from the se...