CVE-2025-41078

Name of the Vulnerable Software and Affected Versions Viafirma Documents version 3.7.129

Description Weaknesses in the authorization mechanisms allow an authenticated user without privileges to list and access other user data, use user creation, modification, and deletion features, and escalate privileges by impersonating other users of the application in the generation and signing of documents. The issue allows unauthorized access to data and functionality, potentially leading to significant compromise of the system.

Recommendations Update to a newer version that contains a fix for this vulnerability.