CVE-2025-62294

Sažetak

SOPlanning is vulnerable to Predictable Generation of Password Recovery Token. Due to weak mechanism of generating recovery tokens, a malicious attacker is able to brute-force all possible values and takeover any account in reasonable amount of time. This issue was fixed in version 1.55.

Reference

https://cert.pl/en/posts/2025/11/CVE-2025-62293
https://www.soplanning.org/en/

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

20-11-2025 - 16:15

Objavljeno

20-11-2025 - 16:15