What is GHSA-c7xc-fv22-2pq3?

GHSA-c7xc-fv22-2pq3 is a security advisory published by GitHub Security Advisories with Critical severity. Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used...

Which CVE IDs does GHSA-c7xc-fv22-2pq3 cover?

GHSA-c7xc-fv22-2pq3 covers the following CVE IDs: CVE-2025-5243. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-c7xc-fv22-2pq3?

GHSA-c7xc-fv22-2pq3 has a CVSS v3 base score of 10.0, published by GitHub Security Advisories.

GHSA-c7xc-fv22-2pq3CriticalCVSS 10.0

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used...

Vendor

GitHub Security Advisories

Published

July 25, 2025

Last Modified

June 5, 2026

🔗 CVE IDs covered (1)

CVE-2025-5243 →

📋 Description

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SMG Software Information Portal allows Code Injection, Upload a Web Shell to a Web Server, Code Inclusion.This issue affects Information Portal: before 13.06.2025.

🔗 References (4)

https://nvd.nist.gov/vuln/detail/CVE-2025-5243
https://www.usom.gov.tr/bildirim/tr-25-0174
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0174
https://github.com/advisories/GHSA-c7xc-fv22-2pq3