CVE-2025-65900 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Kalmia CMS version 0.2.0 contains an Incorrect Access Control vulnerability in the /kal-api/auth/users API endpoint. Due to insufficient permission validation a…
Medium CVSS: 6.5

CVE-2025-65900

Kalmia CMS version 0.2.0 contains an Incorrect Access Control vulnerability in the /kal-api/auth/users API endpoint. Due to insufficient permission validation and excessive data exposure in the backend, an authenticated user with basic read permissions can retrieve sensitive information for all platform users.
Vendor
Difuse
Product
Kalmia
CWE
CWE-863
Yayın Tarihi
2025-12-04 22:15:49
Güncelleme
2025-12-10 21:38:40
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-863 Kalmia MEDIUM Difuse 2025

Referanslar

https://github.com/DifuseHQ/Kalmia https://github.com/Noxurge/CVE-2025-65900/blob/main/README.md