CVE Catalog

CVE-2025-59133

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.29%

20th percentile - higher than 20% of all known CVEs

Summary

In Projectopia versions <= 5.1.25.2, there is a vulnerability related to custom roles that allows unauthorized access to objects (IDOR). This issue may lead to the exposure of sensitive user data.

Risk Assessment

Organizations may be exposed to unauthorized access to data, potentially leading to privacy breaches and loss of customer trust.

Recommendation

It is recommended to update to the latest version of Projectopia to mitigate this vulnerability and review the user role management policy.

Original NVD description (English source)

Custom role Insecure Direct Object References (IDOR) in Projectopia <= 5.1.25.2 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS