CVE-2025-25478 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The account file upload functionality in Syspass 3.2.x fails to properly handle special characters in filenames. This mismanagement leads to the disclosure of t…
Medium CVSS: 6.5

CVE-2025-25478

The account file upload functionality in Syspass 3.2.x fails to properly handle special characters in filenames. This mismanagement leads to the disclosure of the web application s source code, exposing sensitive information such as the database password.
Vendor
Syspass
Product
Syspass
CWE
CWE-73
Yayın Tarihi
2025-02-28 23:15:11
Güncelleme
2025-07-09 19:30:08
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-73 Syspass MEDIUM Syspass 2025

Referanslar

https://github.com/sysentr0py/CVEs/tree/main/CVE-2025-25478 https://github.com/sysentr0py/CVEs/tree/main/CVE-2025-25478