CVE-2025-69203: Unregulated Dynamic Event Subscription
Dynamically subscribing to events from a user-supplied parameter without prior authorization checks can allow attackers to intercept sensitive internal events or bypass access controls. Ensure that adequate user privileges are confirmed prior to attaching dynamic listeners.
Provally CuratedPublic repositoryMediumMedium confidenceVerifiedApache-2.0
JS
JSgreprules fetch cve-2025-69203-unregulated-dynamic-event-subscription --engine opengrepDescription
Dynamically subscribing to events from a user-supplied parameter without prior authorization checks can allow attackers to intercept sensitive internal events or bypass access controls. Ensure that adequate user privileges are confirmed prior to attaching dynamic listeners.
Community feedback
0 signals from signed-in users.
- Useful
- 0
- False positive
- 0
- Metadata
- 0