CNNVD-202509-4532 Information

CNNVD ID

CNNVD-202509-4532

Related CVE

CVE-2025-41092

• CNNVD Published: 2025-09-30

Description (Chinese)

Bold Workplanner是西班牙Bold Workplanner公司的一款人力资源管理的企业软件。 Bold Workplanner 2.5.25之前版本存在安全漏洞，该漏洞源于缺乏足够的用户输入验证，可能导致不安全的直接对象引用攻击。

Description (English)

Bold Workplanner is an enterprise software for human resources management for Bold Workplanner in Spain. There was a security loophole in the previous version of Bold Workplanner 2.5.25, which stemmed from the lack of sufficient user input validation, which could lead to unsafe direct object reference attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Bold Workplanner

Published

2025-09-30

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/insecure-direct-object-reference-gps-bold-workplanner

Patch

https://boldworkplanner.com/en/