HTML Injection in Patika Global Technologies’ HumanSuite_CVE-2025-8276

10 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

Description

Improper Encoding or Escaping of Output, Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'), Improper Control of Generation of Code ('Code Injection') vulnerability in Patika Global Technologies HumanSuite allows Input Data Manipulation, Format String Injection, Reflection Injection, Code Injection.This issue affects HumanSuite: before 53.21.0.

Basic Information

ID CVE-2025-8276

Source TR-CERT

Published Sep 16, 2025 at 14:00

Modified Sep 16, 2025 at 14:27

Affected Product

Vendor Patika Global Technologies

Product HumanSuite

Affected Versions Patika Global Technologies HumanSuite 0

CWE Classification

CWE-116 CWE-74 CWE-88 CWE-94

References

www.usom.gov.tr /bildirim/tr-25-0257

{
    "lastseen": "",
    "description": "Improper Encoding or Escaping of Output, Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'), Improper Control of Generation of Code ('Code Injection') vulnerability in Patika Global Technologies HumanSuite allows Input Data Manipulation, Format String Injection, Reflection Injection, Code Injection.This issue affects HumanSuite: before 53.21.0.",
    "published": "2025-09-16T14:00:24.663Z",
    "modified": "2025-09-16T14:27:40.344Z",
    "type": "cve",
    "title": "HTML Injection in Patika Global Technologies' HumanSuite",
    "source": "TR-CERT",
    "references": "https://www.usom.gov.tr/bildirim/tr-25-0257",
    "id": "CVE-2025-8276",
    "bulletinFamily": "",
    "cwe": [
        "CWE-116",
        "CWE-74",
        "CWE-88",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "Patika Global Technologies HumanSuite 0",
    "sourceHref": "",
    "cvss": {
        "score": 10,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "HumanSuite",
    "version": "0",
    "vendor": "Patika Global Technologies",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}