CNNVD-202508-1374 Information

CNNVD ID

CNNVD-202508-1374

Related CVE

CVE-2025-52392

• CNNVD Published: 2025-08-13

Description (Chinese)

soosyze是Soosyze开源的一个内容管理系统。 soosyze 2.0版本存在安全漏洞，该漏洞源于/user/login端点缺少速率限制和锁定机制，可能导致暴力破解攻击。

Description (English)

Soosyze is an open-source content management system for Soosyze. Soosyze 2.0 has a security loophole, which stems from the lack of speed limits and lock-in mechanisms at the /user/login endpoint, which can lead to violent deciphering attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Soosyze

Published

2025-08-13

Last Modified

2026-02-24

References

https://beafn28.gitbook.io/beafn28/cve/brute-force-login-vulnerability-in-soosyze-cms-2.0-cve-2025-52392 https://github.com/soosyze/soosyze/issues/269 https://cxsecurity.com/issue/WLB-2025120016 https://www.exploit-db.com/exploits/52416 https://nvd.nist.gov/vuln/detail/CVE-2025-52392 https://access.redhat.com/security/cve/cve-2025-52392