CVE-2025-52338 | THREATINT

Description

An issue in the default configuration of the password reset function in LogicData eCommerce Framework v5.0.9.7000 allows attackers to bypass authentication and compromise user accounts via a bruteforce attack.

PUBLISHED Reserved 2025-06-16 | Published 2025-08-19 | Updated 2025-08-19 | Assigner mitre

References

cwe.mitre.org/data/definitions/522.html

cwe.mitre.org/data/definitions/521.html

www.logicdata.com/...webstore-for-erp-ecommerce-integration/

github.com/...ckSecurity/Advisories/tree/main/CVE-2025-52338

cve.org (CVE-2025-52338)

nvd.nist.gov (CVE-2025-52338)

Download JSON