CVE-2025-59473

Published Jan 26, 2026

Last updated 14 days ago

CVSS medium 6.0

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-59473 is a SQL Injection vulnerability found in the Structure component, impacting authenticated administrative users. This flaw arises from improper input sanitization, which allows attackers with administrative privileges to manipulate SQL queries. Successful exploitation of this vulnerability could lead to unauthorized access, modification, or deletion of data within the underlying database.

Description
SQL Injection vulnerability in the Structure for Admin authenticated user
Source
support@hackerone.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.0

Type
Secondary
Base score
6
Impact score
4.7
Exploitability score
1.2
Vector string
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L
Severity
MEDIUM

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-89

Social media

Hype score
Not currently trending

  1. SQL Injection in Admin Panel (CVE-2025-59473) → Sensitive Data Access POC → 1. During authenticated testing of an admin dashboard, discovered an SQL query that included user input without sanitization 2. Intercepted the request with a proxy and injected SQL payloads into th

    @viehgroup

    7 Feb 2026

    3371 Impressions

    11 Retweets

    88 Likes

    49 Bookmarks

    1 Reply

    0 Quotes

  2. CVE-2025-59473 SQL Injection vulnerability in the Structure for Admin authenticated user https://t.co/MJ6qNSdE9o

    @CVEnew

    26 Jan 2026

    177 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.