CNNVD-202509-4529 Information

CNNVD ID

CNNVD-202509-4529

Related CVE

CVE-2025-41091

• CNNVD Published: 2025-09-30

Description (Chinese)

Bold Workplanner是西班牙Bold Workplanner公司的一款人力资源管理的企业软件。 BOLD Workplanner 2.5.25之前版本存在安全漏洞，该漏洞源于缺乏足够的用户输入验证，可能导致经过身份验证的用户使用未经授权的内部标识符访问日历详细信息。

Description (English)

Bold Workplanner is an enterprise software for human resources management for Bold Workplanner in Spain. The previous version of BOLD Workplanner 2.5.25 had a security loophole, which stemmed from the lack of sufficient user input authentication, which could lead to unauthorized internal identifiers for users accessing calendar details.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Bold Workplanner

Published

2025-09-30

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/insecure-direct-object-reference-gps-bold-workplanner

Patch

https://boldworkplanner.com/en/