CNNVD-202508-3084 Information

CNNVD ID

CNNVD-202508-3084

Related CVE

CVE-2025-57813

• CNNVD Published: 2025-08-26

Description (Chinese)

Traq是Jack Polgar个人开发者的一套基于PHP 的项目管理和问题跟踪系统。 traQ 3.25.0之前版本存在日志信息泄露漏洞，该漏洞源于SQL错误日志中记录敏感信息，可能导致信息泄露。

Description (English)

Traq is a PHP-based project management and problem tracking system for Jack Polgar personal developers. There was a leak in log information in the pre-traQ 3.25.0 version, which originated from the recording of sensitive information in the SQL error log, which could lead to the disclosure of information.

Hazard Level

High

Vulnerability Type

日志信息泄露

Affected Vendor

个人开发者

Published

2025-08-26

Last Modified

2026-02-24

References

https://github.com/traPtitech/traQ/security/advisories/GHSA-27r7-3m9x-r533 https://github.com/traPtitech/traQ/pull/2787 https://github.com/traPtitech/traQ/commit/ce5da94f5d5a8348f9ecdc82140b6f53b3721698 https://nvd.nist.gov/vuln/detail/CVE-2025-57813

Patch

https://github.com/traPtitech/traQ/releases