Unknown · Aleksis-Core · CVE-2025-25683
Name of the Vulnerable Software and Affected Versions:
AlekSIS-Core versions 3.0 through 3.2.1
Description:
The issue is related to Incorrect Access Control, allowing unauthenticated users to access all PDF files.
Recommendations:
For AlekSIS-Core versions 3.0 through 3.2.1, consider restricting access to PDF files until a patch is available.
As a temporary workaround, limit access to sensitive PDF files to minimize the risk of unauthorized access.