PT-2026-5989 · Eladmin+1 · Eladmin
Published
2026-02-04
·
Updated
2026-02-04
·
CVE-2025-70997
CVSS v3.1
8.1
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
eladmin versions prior to 2.8
Description
An issue exists that allows an arbitrary user password reset regardless of the user permission level.
Recommendations
Update to a version later than 2.7.
Exploit
Fix
Incorrect Authorization
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Eladmin