CVE-2025-2339

Name of the Vulnerable Software and Affected Versions otale Tale Blog version 2.0.5

Description A problem was found in otale Tale Blog. This issue affects an unknown part of the file /%61dmin/api/logs. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. This issue only affects products that are no longer supported by the maintainer.

Recommendations For version 2.0.5, as a temporary workaround, consider restricting access to the /admin/api/logs endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.