# CVE-2025-47813

> loginok.html in Wing FTP Server before 7.4.4 discloses the full local installation path of the application when using a long value in the UID cookie.

- **CVSS:** 4.3 (MEDIUM)
- **EPSS:** 25.5%
- **CISA KEV:** yes
- **CWE:** CWE-209

Canonical: https://intel.threadlinqs.com/cve/CVE-2025-47813
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp