CNNVD-202511-2730 Information

CNNVD ID

CNNVD-202511-2730

Related CVE

CVE-2025-64062

• CNNVD Published: 2025-11-25

Description (Chinese)

Primakon Pi Portal是克罗地亚Primakon公司的一个项目、合同管理平台。 Primakon Pi Portal 1.0.18版本存在安全漏洞，该漏洞源于/api/V2/pp_users?email端点缺少会话验证，可能导致权限提升。

Description (English)

Primakon Pi Portal is a project, contract management platform for Primakon, Croatia. There is a security loophole in version 1.0.18 of Primakon Pi Portal, which stems from the lack of session validation at the /api/V2/pp users?email endpoint, which may lead to increased privileges.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Primakon

Published

2025-11-25

Last Modified

2026-02-24

References

https://github.com/n3k7ar91/Vulnerabilites/blob/main/Primakon/CVE-2025-64062.md https://www.primakon.com/rjesenja/primakon-pcm/ https://access.redhat.com/security/cve/cve-2025-64062