High severity8.8NVD Advisory· Published Oct 2, 2025· Updated Apr 15, 2026
CVE-2025-11221
CVE-2025-11221
Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Unrestricted Upload of File with Dangerous Type vulnerability in GTONE ChangeFlow allows Path Traversal, Accessing Functionality Not Properly Constrained by ACLs.This issue affects ChangeFlow: from All versions through v9.0.1.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=9.0.1.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.