CVE-2025-62503

Name of the Vulnerable Software and Affected Versions Versions prior to 2025-62503

Description A user possessing CREATE privilege but lacking UPDATE privilege for Pools, Connections, and Variables can modify existing records through the bulk create API utilizing the overwrite action. This allows unauthorized modification of data despite insufficient permissions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.