{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T07:37:40.205","vulnerabilities":[{"cve":{"id":"CVE-2025-24885","sourceIdentifier":"security-advisories@github.com","published":"2025-01-30T23:15:07.993","lastModified":"2025-01-30T23:15:07.993","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Missing access control on rendering custom (unprivileged) dojo pages causes ability for users to create stored XSS."},{"lang":"es","value":"pwn.college es una plataforma educativa para aprender y practicar conceptos básicos de ciberseguridad de manera práctica. La falta de control de acceso al generar páginas de Dojo personalizadas (sin privilegios) hace que los usuarios no puedan crear XSS almacenado."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:H\/I:L\/A:N","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":4.7}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-284"}]}],"references":[{"url":"https:\/\/github.com\/pwncollege\/dojo\/security\/advisories\/GHSA-8m79-rmhw-rg84","source":"security-advisories@github.com"}]}}]}