CVE-2025-28399 Blast Radius

CRITICAL • CVSS 9.8An issue in Erick xmall v.1.1 and before allows a remote attacker to escalate privileges via the updateAddress method of the Address Controller class.

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2025-28399.

Start Free Scan →← Back to CVE-2025-28399