PT-2026-20711 · Nootheme · Nootheme Citilights
João Pedro S Alcântara
+1
·
Published
2026-02-19
·
Updated
2026-02-19
·
CVE-2026-25367
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
NooTheme CitiLights versions prior to 3.7.2
Description
An authorization issue exists in NooTheme CitiLights due to incorrectly configured access control security levels. This allows for potential exploitation of the system.
Recommendations
Update NooTheme CitiLights to version 3.7.2 or later.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nootheme Citilights