CVE-2025-61950

In GroupSession, a Circular notice can be created with its memo field non-editable, but the authorization check is improperly implemented. With some crafted request, a logged-in user may alter the memo field. The affected products and versions are GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector : AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://groupsession.jp/info/info-news/security20251208	Vendor Advisory
https://jvn.jp/en/jp/JVN19940619/	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:groupsession:groupsession:::::free:::*
	cpe:2.3:a:groupsession:groupsession:::::zion:::*
	cpe:2.3:a:groupsession:groupsession:::::bycloud:::*

History

17 Feb 2026, 15:43

Type	Values Removed	Values Added
First Time		Groupsession Groupsession groupsession
References	~~() https://groupsession.jp/info/info-news/security20251208 -~~	() https://groupsession.jp/info/info-news/security20251208 - Vendor Advisory
References	~~() https://jvn.jp/en/jp/JVN19940619/ -~~	() https://jvn.jp/en/jp/JVN19940619/ - Third Party Advisory
CPE		cpe:2.3:a:groupsession:groupsession:::::free:::* cpe:2.3:a:groupsession:groupsession:::::zion:::* cpe:2.3:a:groupsession:groupsession:::::bycloud:::*

12 Dec 2025, 05:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-12-12 05:16

Updated : 2026-02-17 15:43

NVD link : CVE-2025-61950

Mitre link : CVE-2025-61950

CVE.ORG link : CVE-2025-61950

JSON object : View

Products Affected

groupsession

groupsession

CWE

CWE-639

Authorization Bypass Through User-Controlled Key

{"id": "CVE-2025-61950", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "vultures@jpcert.or.jp", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}], "cvssMetricV40": [{"type": "Secondary", "source": "vultures@jpcert.or.jp", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-12-12T05:16:07.583", "references": [{"url": "https://groupsession.jp/info/info-news/security20251208", "tags": ["Vendor Advisory"], "source": "vultures@jpcert.or.jp"}, {"url": "https://jvn.jp/en/jp/JVN19940619/", "tags": ["Third Party Advisory"], "source": "vultures@jpcert.or.jp"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "vultures@jpcert.or.jp", "description": [{"lang": "en", "value": "CWE-639"}]}], "descriptions": [{"lang": "en", "value": "In GroupSession, a Circular notice can be created with its memo field non-editable, but the authorization check is improperly implemented. With some crafted request, a logged-in user may alter the memo field. The affected products and versions are GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2."}], "lastModified": "2026-02-17T15:43:09.370", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:groupsession:groupsession:*:*:*:*:free:*:*:*", "vulnerable": true, "matchCriteriaId": "32599C61-0938-49C5-8416-44C3DF7B144A", "versionEndExcluding": "5.3.0"}, {"criteria": "cpe:2.3:a:groupsession:groupsession:*:*:*:*:zion:*:*:*", "vulnerable": true, "matchCriteriaId": "46F7CACE-2448-4A90-9192-B6270B33E393", "versionEndExcluding": "5.3.2"}, {"criteria": "cpe:2.3:a:groupsession:groupsession:*:*:*:*:bycloud:*:*:*", "vulnerable": true, "matchCriteriaId": "DD4CD8BC-39CB-44FF-A4D8-22C1B38ED223", "versionEndExcluding": "5.3.3"}], "operator": "OR"}]}], "sourceIdentifier": "vultures@jpcert.or.jp"}