CNNVD-202509-4524 Information

CNNVD ID

CNNVD-202509-4524

Related CVE

CVE-2025-41098

• CNNVD Published: 2025-09-30

Description (Chinese)

Bold Workplanner是西班牙Bold Workplanner公司的一款人力资源管理的企业软件。 Bold Workplanner 2.5.25之前版本存在安全漏洞，该漏洞源于滥用通用查询Web服务，可能导致不安全的直接对象引用。

Description (English)

Bold Workplanner is an enterprise software for human resources management for Bold Workplanner in Spain. There was a security loophole in the previous version of Bold Workplanner 2.5.25, which resulted from the misuse of the Universal Access Web service, which could lead to unsafe direct reference.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Bold Workplanner

Published

2025-09-30

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/insecure-direct-object-reference-gps-bold-workplanner

Patch

https://boldworkplanner.com/en/