PT-2025-20154 · Wedevs · Webmail
Denver Jackson
·
Published
2025-05-07
·
Updated
2025-05-07
·
CVE-2025-47540
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
weDevs weMail versions 1.14.13 and earlier
Description
The issue allows exposure of sensitive system information to an unauthorized control sphere, enabling the retrieval of embedded sensitive data.
Recommendations
For weDevs weMail versions 1.14.13 and earlier, update to a version later than 1.14.13 to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Webmail