CVE-2025-69752
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk6th percentile - higher than 6% of all known CVEs
Summary
An issue in the 'My Details' user profile functionality of Ideagen Q-Pulse 7.1.0.32 allows an authenticated user to view other users' profile information by modifying the objectKey HTTP parameter in the My Details page URL.
Risk Assessment
The risk involves unauthorized access to sensitive personal data of other users, potentially leading to privacy breaches and legal consequences.
Recommendation
Immediately update Ideagen Q-Pulse to the latest version that fixes this vulnerability and implement access authorization mechanisms for profile data.
Original NVD description (English source)
An issue in the "My Details" user profile functionality of Ideagen Q-Pulse 7.1.0.32 allows an authenticated user to view other users' profile information by modifying the objectKey HTTP parameter in the My Details page URL.

