CVE-2025-61075 | THREATINT

Description

Multiple Incorrect Access Control vulnerabilities in adata Software GmbH Mitarbeiterportal 2.15.2.0 allow remote authenticated, low-privileged users to carry out administrative functions and manipulate data of other users via unauthorized API calls.

PUBLISHED Reserved 2025-09-26 | Published 2025-12-09 | Updated 2025-12-11 | Assigner mitre

References

www.adata.de/mitarbeiter-portal/

no-sec.net/posts/cve-2025-61075/

cve.org (CVE-2025-61075)

nvd.nist.gov (CVE-2025-61075)

Download JSON