VYPR
High severity7.3NVD Advisory· Published Mar 3, 2025· Updated Jun 17, 2026

CVE-2025-1840

CVE-2025-1840

Description

A vulnerability was found in ESAFENET CDG 5.6.3.154.205. It has been rated as critical. Affected by this issue is some unknown functionality of the file /CDGServer3/workflowE/useractivate/updateorg.jsp. The manipulation of the argument flowId leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Affected products

2
  • Esafenet/CDGllm-fuzzy2 versions
    5.6.3.154.205+ 1 more
    • (no CPE)range: 5.6.3.154.205
    • (no CPE)range: 5.6.3.154.205

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.