CVE-2025-69752

Name of the Vulnerable Software and Affected Versions Ideagen Q-Pulse version 7.1.0.32

Description An authenticated user can view other users' profile information in the "My Details" functionality by altering the objectKey HTTP parameter within the URL of the My Details page. This allows unauthorized information disclosure.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the "My Details" user profile functionality.