What is GHSA-hx94-2hv2-vwgc?

GHSA-hx94-2hv2-vwgc is a security advisory published by GitHub Security Advisories with Critical severity. Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...

Which CVE IDs does GHSA-hx94-2hv2-vwgc cover?

GHSA-hx94-2hv2-vwgc covers the following CVE IDs: CVE-2025-10610. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-hx94-2hv2-vwgc?

GHSA-hx94-2hv2-vwgc has a CVSS v3 base score of 9.8, published by GitHub Security Advisories.

GHSA-hx94-2hv2-vwgcCriticalCVSS 9.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...

Vendor

GitHub Security Advisories

Published

October 14, 2025

Last Modified

June 5, 2026

🔗 CVE IDs covered (1)

CVE-2025-10610 →

📋 Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting Information Processing Industry and Foreign Trade Inc. Winsure allows Blind SQL Injection.This issue affects Winsure: through Version dated 21.08.2025.

🔗 References (4)

https://nvd.nist.gov/vuln/detail/CVE-2025-10610
https://www.usom.gov.tr/bildirim/tr-25-0337
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0337
https://github.com/advisories/GHSA-hx94-2hv2-vwgc