PT-2025-44663 · Logicaldoc · Logicaldoc Community Edition
Zeeshan Khan
·
Published
2025-10-31
·
Updated
2025-11-07
·
CVE-2025-12547
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
LogicalDOC Community Edition versions up to 9.2.1
Description
A flaw exists in LogicalDOC Community Edition that relates to improper restriction of excessive authentication attempts. This issue affects the Admin Login Page component, specifically within the
/login.jsp file. The attack can be carried out remotely and is considered to have high complexity, with difficult exploitability. The exploit is publicly available.Recommendations
Versions prior to 9.2.1 should be updated.
Exploit
Fix
Improper Restriction of Excessive Authentication Attempts
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Logicaldoc Community Edition